JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 138.0.246.169

138.0.246.169 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 76%: ?

76%

ISP	AGE TELECOMUNICACOES LTDA
Usage Type	Fixed Line ISP
ASN	AS271689
Hostname(s)	138.0.246.170.IN-ADDR-ARPA
Domain Name	agetelecom.com.br
Country	🇧🇷 Brazil
City	Brasilia, Federal District

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 138.0.246.169

Whois 138.0.246.169

IP Abuse Reports for 138.0.246.169:

This IP address has been reported a total of 33 times from 19 distinct sources. 138.0.246.169 was first reported on February 4th 2024, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-29 04:54:43 (8 hours ago)	(mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:54:36.513586 2026] [security2:error] [pid 7327:tid 7407] [client 138.0.246.169:37905] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 138.0.246.169 (+1 hits since last alert)\|almerirock.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "almerirock.com"] [uri "/xmlrpc.php"] [unique_id "akH6jA7L3BlVDzHiFRJ3ZgAAARY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-28 20:40:53 (17 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 SpaceHost-Server	2026-06-28 20:23:35 (17 hours ago)	138.0.246.169 - - [28/Jun/2026:22:23:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by W ... show more 138.0.246.169 - - [28/Jun/2026:22:23:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" 138.0.246.169 - - [28/Jun/2026:22:23:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" 138.0.246.169 - - [28/Jun/2026:22:23:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack/12.0; WordPress/6.1; http://site52987090.com" show less	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-28 20:08:12 (17 hours ago)	138.0.246.169 - - [28/Jun/2026:22:07:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by W ... show more 138.0.246.169 - - [28/Jun/2026:22:07:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" 138.0.246.169 - - [28/Jun/2026:22:08:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack/12.1; WordPress/6.2; http://site71100428.com" 138.0.246.169 - - [28/Jun/2026:22:08:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com" show less	Hacking Web App Attack
Anonymous	2026-06-28 18:21:04 (19 hours ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 12:17:16 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 08:17:10.909280 2026] [security2:error] [pid 17236:tid 17236] [client 138.0.246.169:37742] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 138.0.246.169 (+1 hits since last alert)\|timetemple.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "timetemple.org"] [uri "/xmlrpc.php"] [unique_id "akEQxsDqDbzSGRq2OjQabwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 10:35:17 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 06:35:13.540099 2026] [security2:error] [pid 28971:tid 28971] [client 138.0.246.169:37264] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 138.0.246.169 (+1 hits since last alert)\|dragonflytunes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dragonflytunes.com"] [uri "/xmlrpc.php"] [unique_id "akD44cl-F_WqfUjy87uNkAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 09:00:44 (1 day ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-28 05:46:49 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC BR/Brazil/138.0.246.170.IN-ADDR-ARPA	Web App Attack
🇫🇷 dynamix	2026-06-28 05:46:29 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-28 05:16:17 (1 day ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇫🇷 applemooz	2026-06-28 05:15:57 (1 day ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 21:24:34 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:24:26.779721 2026] [security2:error] [pid 4955:tid 4963] [client 138.0.246.169:37124] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 138.0.246.169 (+1 hits since last alert)\|danelandia.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "danelandia.com"] [uri "/xmlrpc.php"] [unique_id "akA_isUXd3Ei5tQGHFmlBQAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-06-27 20:30:07 (1 day ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 20:13:20 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 138.0.246.169 (138.0.246.170.IN-ADDR-ARPA): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:13:13.570584 2026] [security2:error] [pid 31965:tid 31965] [client 138.0.246.169:37250] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 138.0.246.169 (+1 hits since last alert)\|mchen-arch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mchen-arch.com"] [uri "/xmlrpc.php"] [unique_id "akAu2at2zOtM1fcTKk6wwAAAACM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:4860:4802:32::77

🇯🇵 104.46.236.89

🇫🇷 91.196.152.38

🇳🇴 20.100.198.19

🇺🇸 2607:f8b0:4004:1007::12a

🇧🇴 200.105.167.206

🇮🇹 185.105.128.28

🇬🇧 185.65.238.250

🇺🇸 172.190.220.228

🇧🇷 170.82.52.52

🇩🇪 164.90.213.147

🇧🇩 161.248.189.72

🇮🇳 125.19.163.58

🇮🇩 111.68.120.152

🇷🇺 89.223.20.151

🇩🇪 69.5.169.102

🇨🇦 52.138.3.29

🇫🇷 51.91.252.38

🇺🇸 48.216.242.54

🇳🇱 45.148.10.141