JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.247.4.13

38.247.4.13 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 28%: ?

28%

ISP	Cogent Communications, LLC
Usage Type	Fixed Line ISP
ASN	AS274022
Domain Name	cogentco.com
Country	🇻🇪 Venezuela (Bolivarian Republic of)
City	Cumana, Sucre

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.247.4.13

Whois 38.247.4.13

IP Abuse Reports for 38.247.4.13:

This IP address has been reported a total of 21 times from 20 distinct sources. 38.247.4.13 was first reported on May 27th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-15 00:25:49 (6 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 gui-ying233	2026-05-28 02:59:20 (3 weeks ago)	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0. ... show more Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36 show less	Bad Web Bot
🇬🇧 PeravixGroup	2026-05-05 16:58:51 (1 month ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇦🇺 PetePK	2026-05-04 15:29:03 (1 month ago)	Probed 1 time(s): TCP/23	Port Scan
Anonymous	2026-05-03 01:51:46 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 MPL	2026-05-01 20:37:21 (1 month ago)	tcp/23	Port Scan
🇨🇦 Largnet SOC	2026-04-30 17:31:54 (1 month ago)	38.247.4.13 triggered Icarus honeypot on port 23. Check us out on github.	Port Scan Hacking
Anonymous	2026-04-23 11:16:28 (1 month ago)	2026-04-23 7:16:27 177518986 [Warning] Access denied for user 'root'@'38.247.4.13' (using password: ... show more 2026-04-23 7:16:27 177518986 [Warning] Access denied for user 'root'@'38.247.4.13' (using password: NO) 2026-04-23 7:16:27 177518989 [Warning] Access denied for user 'root'@'38.247.4.13' (using password: YES) 2026-04-23 7:16:28 177518994 [Warning] Access denied for user 'root'@'38.247.4.13' (using password: YES) ... show less	Brute-Force
🇬🇧 Xiaohack	2026-04-22 15:05:49 (1 month ago)	2026-04-22 17:05:46 10626 [Warning] Access denied for user 'root'@'38.247.4.13' (using password: NO) ... show more 2026-04-22 17:05:46 10626 [Warning] Access denied for user 'root'@'38.247.4.13' (using password: NO) 2026-04-22 17:05:47 10627 [Warning] Access denied for user 'root'@'38.247.4.13' (using password: YES) 2026-04-22 17:05:47 10628 [Warning] Access denied for user 'root'@'38.247.4.13' (using password: YES) ... show less	Brute-Force
🇷🇸 Scan	2026-04-22 00:22:34 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-04-15 11:14:11 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 38.247.4.13 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 38.247.4.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 07:14:06.770092 2026] [security2:error] [pid 1087208:tid 1087208] [client 38.247.4.13:34930] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|pages4you.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pages4you.com"] [uri "/pages4you.com/dj/graphics/Andrews/Thumbs.db"] [unique_id "ad9y_kXew9l2fs8qzix0JAAAAAs"], referer: http://pages4you.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-04-08 02:38:46 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 EGP Abuse Dept	2026-04-08 02:08:01 (2 months ago)	Scraping webshop URLs (www.creall.com), likely botnet drone	Bad Web Bot Exploited Host
🇺🇸 quilla	2026-04-03 03:20:35 (2 months ago)	Botnet infected device observed in honeypot (Vector: TCP)	DDoS Attack
🇺🇸 stechusa	2026-03-28 19:59:31 (2 months ago)	ELEVATED_THREAT \| country=VE \| ASN=SUCRENET, C.A. \| 24 IPs targeting /brand/satco-products-inc.html ... show more ELEVATED_THREAT \| country=VE \| ASN=SUCRENET, C.A. \| 24 IPs targeting /brand/satco-products-inc.html \| Facet request during elevated threat (facet_ratio=0.69, unique_ips=315) \| HTTP/1.1 over TLS (elevated=True) show less	Bad Web Bot DDoS Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.141.71.166

🇬🇧 185.247.137.138

🇬🇧 159.65.91.36

🇺🇸 147.182.247.10

🇵🇪 38.158.83.105

🇺🇸 3.87.27.156

🇵🇭 126.209.52.228

🇮🇳 122.165.72.15

🇬🇧 193.32.209.234

🇧🇴 190.129.122.12

🇳🇱 176.65.139.181

🇺🇸 172.172.214.224

🇧🇷 164.163.24.11

🇨🇳 122.239.96.227

🇨🇳 117.132.188.204

🇮🇳 103.91.246.101

🇧🇷 45.205.1.42

🇷🇺 37.77.150.241

🇺🇸 2604:a880:400:d1:0:4:9e78:7001

🇧🇷 189.84.238.246