JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 38.45.248.17

38.45.248.17 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 24%: ?

24%

ISP	WANTELCO SAS DE CV
Usage Type	Fixed Line ISP
ASN	AS270209
Domain Name	wantelco.com
Country	🇲🇽 Mexico
City	Santiago de Queretaro, Queretaro

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 38.45.248.17

Whois 38.45.248.17

IP Abuse Reports for 38.45.248.17:

This IP address has been reported a total of 16 times from 12 distinct sources. 38.45.248.17 was first reported on November 30th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-12 22:47:01 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
Anonymous	2026-05-12 15:50:41 (1 month ago)	XMLRPC BRUTEFORCE - HTTP (Request)	Hacking
🇨🇭 Origon	2026-05-09 20:30:12 (1 month ago)	NOQUEUE - IP: 38.45.248.17 - May 9 22:30:12 plesk postfix/smtpd[3921738]: NOQUEUE: reject: RCPT fro ... show more NOQUEUE - IP: 38.45.248.17 - May 9 22:30:12 plesk postfix/smtpd[3921738]: NOQUEUE: reject: RCPT from unknown[38.45.248.17]: 554 5.7.1 Service unavailable; Client host [38.45.248.17] blocked using dnsbl-1.uceprotect.net; IP 38.45.248.17 is UCEPROTECT-Level 1 listed. See http://www.uceprotect.net/rblcheck.php?ipr=38.45.248.17; from=<[email protected]> to=<REDACTED@REDACTED> proto=ESMTP helo=<melamineiseverywhere.com> show less	Email Spam
🇳🇵 radheykrishna.com.np	2026-05-06 04:48:57 (1 month ago)	May 6 10:33:56 kernel: [1532673.021185] [UFW BLOCK] IN=ens160 OUT= SRC=38.45.248.17 LEN=60 TOS=0x00 ... show more May 6 10:33:56 kernel: [1532673.021185] [UFW BLOCK] IN=ens160 OUT= SRC=38.45.248.17 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=28387 DF PROTO=TCP SPT=45224 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇦🇹 urnilxfgbez	2026-05-03 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-05-03 07:34:00 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇦🇹 urnilxfgbez	2026-05-01 22:45:00 (1 month ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 xmission.com	2026-05-01 20:34:33 (1 month ago)	Blocked by UFW (TCP on 23) Source port: 55034 TTL: 45 Packet length: 60 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 55034 TTL: 45 Packet length: 60 TOS: 0x08 This report (for 38.45.248.17) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇳🇱 wlt-blocker	2026-04-28 07:35:15 (1 month ago)	Attempts to login to mail server with wrong username and/or password	Brute-Force
🇨🇭 Origon	2026-04-26 22:45:58 (1 month ago)	NOQUEUE - IP: 38.45.248.17 - Apr 27 00:45:58 plesk postfix/smtpd[1596771]: NOQUEUE: reject: RCPT fr ... show more NOQUEUE - IP: 38.45.248.17 - Apr 27 00:45:58 plesk postfix/smtpd[1596771]: NOQUEUE: reject: RCPT from unknown[38.45.248.17]: 554 5.7.1 Service unavailable; Client host [38.45.248.17] blocked using dnsbl-1.uceprotect.net; IP 38.45.248.17 is UCEPROTECT-Level 1 listed. See http://www.uceprotect.net/rblcheck.php?ipr=38.45.248.17; from=<[email protected]> to=<REDACTED@REDACTED> proto=ESMTP helo=<reseau-ferre-livradois-forez-velay.fr> show less	Email Spam
🇨🇭 Origon	2026-04-22 05:45:44 (1 month ago)	NOQUEUE - IP: 38.45.248.17 - Apr 22 07:45:44 plesk postfix/smtpd[1814560]: NOQUEUE: reject: RCPT fr ... show more NOQUEUE - IP: 38.45.248.17 - Apr 22 07:45:44 plesk postfix/smtpd[1814560]: NOQUEUE: reject: RCPT from unknown[38.45.248.17]: 554 5.7.1 Service unavailable; Client host [38.45.248.17] blocked using dnsbl-1.uceprotect.net; IP 38.45.248.17 is UCEPROTECT-Level 1 listed. See http://www.uceprotect.net/rblcheck.php?ipr=38.45.248.17; from=<[email protected]> to=<REDACTED@REDACTED> proto=ESMTP helo=<gadamotocikls.lv> show less	Email Spam
🇧🇪 dbelm	2026-04-19 01:12:40 (1 month ago)	RdpGuard detected brute-force attempt on IMAP	Brute-Force
🇺🇸 matt	2026-03-03 23:09:22 (3 months ago)	DDOS attack with query parameters attempting to overload WordPress site.	DDoS Attack
Anonymous	2026-02-13 03:44:10 (4 months ago)	scanning http requests from known botnet	Web App Attack
🇺🇸 TPI-Abuse	2026-01-05 07:51:47 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 38.45.248.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 38.45.248.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 05 02:51:44.241838 2026] [security2:error] [pid 20071:tid 20071] [client 38.45.248.17:34362] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.circulodesonido.org\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.circulodesonido.org"] [uri "/[email protected]"] [unique_id "aVttkLlM4WYu4ZYj0nDL7QAAACE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 130.131.162.246

🇹🇼 198.235.24.114

🇩🇪 194.187.176.100

🇲🇽 187.191.48.5

🇭🇰 154.221.17.137

🇺🇸 147.185.132.137

🇨🇳 111.26.101.77

🇧🇬 79.124.62.134

🇨🇦 75.155.10.203

🇺🇸 65.49.1.99

🇮🇳 49.207.245.86

🇭🇰 45.142.154.98

🇺🇸 45.42.88.54

🇸🇳 41.82.50.218

🇨🇱 34.176.57.219

🇧🇪 34.140.251.161

🇨🇳 222.176.200.247

🇫🇷 212.83.145.101

🇮🇩 123.231.157.242

🇮🇩 114.10.121.86