JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.237.138.44

109.237.138.44 was found in our database!

This IP was reported 83 times. Confidence of Abuse is 0%: ?

ISP	Alfahosting GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45012
Hostname(s)	alfa3032.alfahosting-server.de
Domain Name	alfahosting.de
Country	🇩🇪 Germany
City	Leipzig, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.237.138.44

Whois 109.237.138.44

IP Abuse Reports for 109.237.138.44:

This IP address has been reported a total of 83 times from 40 distinct sources. 109.237.138.44 was first reported on October 1st 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 unhfree.net	2025-04-01 00:59:30 (1 year ago)	Apr 1 01:30:41 canopus postfix/smtpd[3194228]: NOQUEUE: reject: RCPT from alfa3032.alfahosting-serv ... show more Apr 1 01:30:41 canopus postfix/smtpd[3194228]: NOQUEUE: reject: RCPT from alfa3032.alfahosting-server.de[109.237.138.44]: 554 5.7.1 <[email protected]>: Recipient address rejected: Maximum 20 messages per 60 minutes limit reached; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<localhost> Apr 1 01:30:41 canopus postfix/smtpd[3194228]: too many errors after RCPT from alfa3032.alfahosting-server.de[109.237.138.44] Apr 1 01:30:43 canopus postfix/smtpd[3194294]: NOQUEUE: reject: RCPT from alfa3032.alfahosting-server.de[109.237.138.44]: 554 5.7.1 <[email protected]>: Recipient address rejected: Maximum 20 messages per 60 minutes limit reached; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<localhost> Apr 1 01:30:43 canopus postfix/smtpd[3194294]: too many errors after RCPT from alfa3032.alfahosting-server.de[109.237.138.44] Apr 1 02:59:29 canopus postfix/smtpd[3206609]: NOQUEUE: reject: RCPT from alfa3032.alfa ... show less	Brute-Force Exploited Host
🇫🇷 ingroscart.it	2025-03-31 15:59:12 (1 year ago)	(wordpress) Failed wordpress login from 109.237.138.44 (DE/Germany/alfa3032.alfahosting-server.de)	Brute-Force
🇩🇪 LRob.fr	2025-03-30 10:30:08 (1 year ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2025-03-29 13:19:45 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-03-27 01:51:37 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 LRob.fr	2025-03-27 00:02:50 (1 year ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
Anonymous	2025-03-26 21:17:14 (1 year ago)	Trawling for Open Source CMS installs	Hacking Brute-Force
🇳🇱 ipoac.nl	2025-03-25 02:04:12 (1 year ago)	2025-03-25T03:04:12.015492+01:00 ipoac.nl wordpress(*)[238365]: Authentication failure forfrom ... show more 2025-03-25T03:04:12.015492+01:00 ipoac.nl wordpress()[238365]: Authentication failure for*from 109.237.138.44 show less	Web App Attack
🇩🇪 LRob.fr	2025-03-25 00:13:50 (1 year ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇨🇿 ddw	2025-03-24 23:21:22 (1 year ago)	WordPress Brute Force Attack.	Hacking Brute-Force Web App Attack
🇩🇪 Dadelinux	2025-03-24 12:27:04 (1 year ago)	109.237.138.44 - - [24/Mar/2025:13:16:46 +0100] "GET /wp-login.php HTTP/2.0" 200 4568 "-" "Mozilla/5 ... show more 109.237.138.44 - - [24/Mar/2025:13:16:46 +0100] "GET /wp-login.php HTTP/2.0" 200 4568 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 109.237.138.44 - - [24/Mar/2025:13:16:47 +0100] "POST /wp-login.php HTTP/2.0" 200 4474 "https://lorenzogramaccia.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 109.237.138.44 - - [24/Mar/2025:13:27:04 +0100] "GET /wp-login.php HTTP/2.0" 200 4568 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" show less	SQL Injection Web App Attack
🇩🇪 Dadelinux	2025-03-24 04:21:32 (1 year ago)	109.237.138.44 - - [24/Mar/2025:05:20:20 +0100] "GET /wp-login.php HTTP/2.0" 200 4567 "-" "Mozilla/5 ... show more 109.237.138.44 - - [24/Mar/2025:05:20:20 +0100] "GET /wp-login.php HTTP/2.0" 200 4567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 109.237.138.44 - - [24/Mar/2025:05:20:21 +0100] "POST /wp-login.php HTTP/2.0" 200 4473 "https://lorenzogramaccia.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" 109.237.138.44 - - [24/Mar/2025:05:21:31 +0100] "GET /wp-login.php HTTP/2.0" 200 4567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" show less	SQL Injection Web App Attack
Anonymous	2025-03-24 03:08:39 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 LRob.fr	2025-03-23 23:59:40 (1 year ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
Anonymous	2025-03-23 18:35:05 (1 year ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host

Showing 1 to 15 of 83 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 212.135.208.17

🇩🇪 167.94.146.32

🇺🇸 162.217.165.234

🇺🇸 162.216.149.126

🇮🇳 45.79.123.76

🇰🇷 1.241.64.237

🇺🇸 206.223.228.197

🇸🇬 206.189.154.9

🇨🇳 171.37.190.122

🇷🇴 92.118.39.236

🇱🇹 45.227.254.170

🇫🇷 207.180.221.143

🇺🇸 204.152.192.237

🇫🇷 91.196.152.177

🇱🇻 83.99.206.11

🇧🇬 79.124.62.126

🇺🇸 66.132.195.46

🇳🇱 45.148.10.147

🇫🇮 37.27.214.143

🇧🇾 212.98.167.185