JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.25.96.79

130.25.96.79 was found in our database!

This IP was reported 54 times. Confidence of Abuse is 100%: ?

100%

ISP	Fastweb SpA
Usage Type	Fixed Line ISP
ASN	AS30722
Hostname(s)	net-130-25-96-79.cust.vodafonedsl.it
Domain Name	fastweb.it
Country	🇮🇹 Italy
City	Milan, Lombardy

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.25.96.79

Whois 130.25.96.79

IP Abuse Reports for 130.25.96.79:

This IP address has been reported a total of 54 times from 40 distinct sources. 130.25.96.79 was first reported on April 30th 2026, and the most recent report was 25 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 KnightIndustries	2026-06-05 01:33:06 (25 minutes ago)	2026-06-05T03:32:37.204083+02:00 milkyway wordpress(oldscarborough.com)[2526398]: XML-RPC authentica ... show more 2026-06-05T03:32:37.204083+02:00 milkyway wordpress(oldscarborough.com)[2526398]: XML-RPC authentication failure for joshua from 130.25.96.79 2026-06-05T03:32:52.571227+02:00 milkyway wordpress(oldscarborough.com)[2526393]: XML-RPC authentication failure for joshua from 130.25.96.79 2026-06-05T03:33:05.550844+02:00 milkyway wordpress(oldscarborough.com)[2526396]: XML-RPC authentication failure for joshua from 130.25.96.79 ... show less	Brute-Force Web App Attack
🇺🇸 Jason Howell	2026-06-04 21:39:39 (4 hours ago)	130.25.96.79 - - [04/Jun/2026:16:37:18 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2986 "-" "Mozilla/5.0 ... show more 130.25.96.79 - - [04/Jun/2026:16:37:18 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2986 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.0.0 Safari/537.36" 130.25.96.79 - - [04/Jun/2026:16:38:30 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2986 "-" "Mozilla/5.0 (Linux; Android 10; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36" 130.25.96.79 - - [04/Jun/2026:16:38:54 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2986 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.0.0 Safari/537.36" 130.25.96.79 - - [04/Jun/2026:16:39:17 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2986 "-" "Mozilla/5.0 (Windows NT 6.3; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/85.0.0.0 Safari/537.36" 130.25.96.79 - - [04/Jun/2026:16:39:38 -0500] "POST /xmlrpc.php HTTP/1.1" 200 2986 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36" ... show less	Web App Attack
🇩🇪 Marc	2026-06-03 22:32:32 (1 day ago)	130.25.96.79 - - [04/Jun/2026:00:31:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3453 "-" "Mozilla/5.0 ... show more 130.25.96.79 - - [04/Jun/2026:00:31:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3453 "-" "Mozilla/5.0 (Windows NT 6.3; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/63.0.0.0 Safari/537.36" 130.25.96.79 - - [04/Jun/2026:00:32:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3454 "-" "Mozilla/5.0 (Linux; Android 10; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/12.0.0.0 Safari/537.36" 130.25.96.79 - - [04/Jun/2026:00:32:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3453 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/92.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇳🇱 Joop	2026-06-03 17:30:32 (1 day ago)	2026-06-03 19:30:29 +0200 s2 /xmlrpc.php	Web App Attack
🇺🇸 TAY	2026-06-01 17:53:11 (3 days ago)	130.25.96.79 - - [02/Jun/2026:01:51:08 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4437 "-" "Mozilla/5.0 ... show more 130.25.96.79 - - [02/Jun/2026:01:51:08 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4437 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/13.0.0.0 Safari/537.36" 130.25.96.79 - - [02/Jun/2026:01:52:56 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4437 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.0.0 Safari/537.36" 130.25.96.79 - - [02/Jun/2026:01:53:10 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4437 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/13.0.0.0 Safari/537.36" ... show less	Brute-Force
🇩🇪 abdubhai	2026-06-01 03:33:29 (3 days ago)	130.25.96.79 - - [01/Jun/2026:08 ...	Brute-Force
🇹🇷 Threat.live	2026-05-30 17:45:03 (5 days ago)	Suspicious Connection Attempts	Brute-Force
🇨🇭 4server	2026-05-30 15:11:09 (5 days ago)	[SatMay3017:11:05.1908102026][security2:error][pid3075845:tid3076705][client130.25.96.79:0]ModSecuri ... show more [SatMay3017:11:05.1908102026][security2:error][pid3075845:tid3076705][client130.25.96.79:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"hostingsvizzera.ch\"][uri\"/xmlrpc.php\"][unique_id\"ahr-CSdH3Mx2HnItutgjGQAAARU\"] show less	Hacking Web App Attack
Anonymous	2026-05-30 09:50:02 (5 days ago)	Web App Attack, Hacking	Hacking Web App Attack
🇫🇷 masterguru	2026-05-30 04:33:50 (5 days ago)	(xmlrpc) Apache: Failed xmlrpc access from 130.25.96.79 (IT/Italy/net-130-25-96-79.cust.vodafonedsl. ... show more (xmlrpc) Apache: Failed xmlrpc access from 130.25.96.79 (IT/Italy/net-130-25-96-79.cust.vodafonedsl.it): 10 in the last 3600 secs (0-201) show less	Hacking
Anonymous	2026-05-29 14:39:07 (6 days ago)	Fail2ban filtered ...	Web App Attack
Anonymous	2026-05-29 11:01:02 (6 days ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇺🇸 TAY	2026-05-29 00:23:41 (1 week ago)	130.25.96.79 - - [29/May/2026:08:21:34 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4380 "-" "Mozilla/5.0 ... show more 130.25.96.79 - - [29/May/2026:08:21:34 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4380 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/94.0.0.0 Safari/537.36" 130.25.96.79 - - [29/May/2026:08:23:17 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4380 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/62.0.0.0 Safari/537.36" 130.25.96.79 - - [29/May/2026:08:23:40 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4380 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/74.0.0.0 Safari/537.36" ... show less	Brute-Force
🇮🇩 Burayot	2026-05-27 13:56:00 (1 week ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 130.25.96.79 (IT/Italy/net-130-25-9 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 130.25.96.79 (IT/Italy/net-130-25-96-79.cust.vodafonedsl.it): 1 in the last 3600 secs show less	Web App Attack
🇨🇭 4server	2026-05-27 13:31:35 (1 week ago)	[WedMay2715:31:32.5449642026][security2:error][pid3320032:tid3320821][client130.25.96.79:0]ModSecuri ... show more [WedMay2715:31:32.5449642026][security2:error][pid3320032:tid3320821][client130.25.96.79:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"piffarerio.ch\"][uri\"/xmlrpc.php\"][unique_id\"ahbyNN0WzTG9isMlXXw2vwAAANI\"] show less	Hacking Web App Attack

Showing 1 to 15 of 54 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.57

🇨🇴 170.254.229.191

🇺🇸 162.216.150.188

🇯🇵 156.227.235.173

🇨🇳 116.11.120.204

🇺🇸 107.173.224.24

🇹🇷 85.117.239.172

🇩🇪 69.5.169.228

🇱🇹 45.227.254.170

🇬🇧 35.203.210.230

🇱🇻 31.56.27.139

🇺🇸 20.169.83.214

🇧🇩 210.4.68.72

🇨🇭 209.99.188.240

🇺🇸 204.236.206.173

🇩🇪 164.92.161.148

🇻🇳 160.30.160.208

🇵🇰 153.117.8.30

🇹🇭 152.32.247.54

🇷🇺 109.63.130.95