JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.38.184.249

41.38.184.249 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 58%: ?

58%

ISP	TE Data
Usage Type	Fixed Line ISP
ASN	AS8452
Domain Name	tedata.net
Country	🇪🇬 Egypt
City	Cairo, Cairo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.38.184.249

Whois 41.38.184.249

IP Abuse Reports for 41.38.184.249:

This IP address has been reported a total of 25 times from 18 distinct sources. 41.38.184.249 was first reported on March 14th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 14:35:33 (7 hours ago)	(mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 10:35:28.890652 2026] [security2:error] [pid 30207:tid 30207] [client 41.38.184.249:63650] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.38.184.249 (+1 hits since last alert)\|geodogs.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "geodogs.org"] [uri "/xmlrpc.php"] [unique_id "aiGNMCJrSs2LW33Hprgh0gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 13:18:04 (8 hours ago)	(mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 09:17:57.772950 2026] [security2:error] [pid 13700:tid 13700] [client 41.38.184.249:64337] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.38.184.249 (+1 hits since last alert)\|rotentendales.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rotentendales.com"] [uri "/xmlrpc.php"] [unique_id "aiF7Bbx6eWPdTosqbMn2aAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 13:00:33 (9 hours ago)	(mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 09:00:30.441848 2026] [security2:error] [pid 14235:tid 14387] [client 41.38.184.249:63476] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.38.184.249 (+1 hits since last alert)\|rockabyecotons.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rockabyecotons.com"] [uri "/xmlrpc.php"] [unique_id "aiF27ov56TYEtDB1ER42QQAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-04 10:11:24 (12 hours ago)	(wordpress) Failed wordpress login from 41.38.184.249 (EG/Egypt/-)	Brute-Force
🇫🇷 masterguru	2026-06-04 09:22:22 (12 hours ago)	(xmlrpc) Apache: Failed xmlrpc access from 41.38.184.249 (EG/Egypt/-): 10 in the last 3600 secs (0-2 ... show more (xmlrpc) Apache: Failed xmlrpc access from 41.38.184.249 (EG/Egypt/-): 10 in the last 3600 secs (0-201) show less	Hacking
Anonymous	2026-06-04 08:34:46 (13 hours ago)	Attac	Brute-Force
🇺🇸 TAY	2026-06-03 20:10:05 (1 day ago)	41.38.184.249 - - [04/Jun/2026:04:09:30 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4404 "-" "Jetpack/12. ... show more 41.38.184.249 - - [04/Jun/2026:04:09:30 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4404 "-" "Jetpack/12.5; WordPress/6.3; http://site25552761.com" 41.38.184.249 - - [04/Jun/2026:04:09:44 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4404 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" 41.38.184.249 - - [04/Jun/2026:04:10:04 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4404 "-" "Jetpack/13.0; WordPress/6.3; http://site42623913.com" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-03 11:23:35 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 07:23:26.943666 2026] [security2:error] [pid 16260:tid 16260] [client 41.38.184.249:51016] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.38.184.249 (+1 hits since last alert)\|dragonflytunes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dragonflytunes.com"] [uri "/xmlrpc.php"] [unique_id "aiAOrtyd44rgB3hwhtuWJwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 18:10:11 (2 days ago)	Attac	Brute-Force
Anonymous	2026-06-02 16:04:24 (2 days ago)	Fail2ban filtered ...	Web App Attack
🇪🇨 icp77	2026-06-02 15:09:00 (2 days ago)	Abuse DDoS	DDoS Attack Port Scan Brute-Force Exploited Host Web App Attack SSH FTP Brute-Force Hacking SQL Injection
🇩🇪 dbmwebdesign	2026-06-02 15:00:27 (2 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 17:13:57 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 41.38.184.249 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 13:13:50.341198 2026] [security2:error] [pid 15796:tid 15796] [client 41.38.184.249:64972] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.38.184.249 (+1 hits since last alert)\|barkatthemoonpetsitting.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "barkatthemoonpetsitting.com"] [uri "/xmlrpc.php"] [unique_id "ah29zuWnwj2-NTKiUi5a_gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-01 15:33:08 (3 days ago)	(wordpress) Failed wordpress login from 41.38.184.249 (EG/Egypt/-)	Brute-Force
🇫🇷 Lunix	2026-06-01 14:51:03 (3 days ago)		Brute-Force Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 181.50.102.225

🇫🇷 152.228.133.93

🇩🇪 109.91.4.177

🇨🇦 85.217.149.68

🇳🇱 45.148.10.151

🇨🇳 220.167.233.243

🇨🇳 182.43.164.191

🇨🇳 120.229.47.124

🇨🇳 110.228.36.25

🇮🇩 108.136.131.13

🇺🇸 64.62.197.112

🇦🇷 45.230.80.52

🇳🇱 45.148.10.35

🇶🇦 2001:1a10:195e:e900:a9f6:199c:8704:2709

🇰🇷 220.86.28.189

🇹🇼 198.235.24.72

🇻🇳 171.244.141.86

🇳🇱 159.223.238.255

🇨🇳 129.28.84.30

🇷🇴 92.118.39.225