AbuseIPDB » 139.162.157.153

139.162.157.153 was found in our database!

This IP was reported 145 times. Confidence of Abuse is 100%: ?

100%

ISP	139.162.0.0/16
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	139-162-157-153.ip.linodeusercontent.com
Domain Name	linode.com
Country	Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 139.162.157.153

Whois 139.162.157.153

IP Abuse Reports for 139.162.157.153:

This IP address has been reported a total of 145 times from 59 distinct sources. 139.162.157.153 was first reported on March 25th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
rtbh.com.tr	2025-04-10 20:06:02 (2 weeks ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2025-04-10 01:53:45 (2 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
rtbh.com.tr	2025-04-09 20:06:00 (2 weeks ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Roderic	2025-04-09 03:15:33 (2 weeks ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted])	Port Scan
rtbh.com.tr	2025-04-08 20:05:59 (2 weeks ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Swiptly	2025-04-08 18:32:42 (2 weeks ago)	WordPress xmlrpc spam or enumeration ...	Web Spam Bad Web Bot Web App Attack
Anonymous	2025-04-08 14:59:28 (2 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
noise.agency	2025-04-08 10:27:56 (2 weeks ago)	(wordpress) Failed wordpress login from 139.162.157.153 (DE/Germany/139-162-157-153.ip.linodeusercon ... show more(wordpress) Failed wordpress login from 139.162.157.153 (DE/Germany/139-162-157-153.ip.linodeusercontent.com) show less	Brute-Force
KIsmay	2025-04-08 08:36:19 (2 weeks ago)	Apr 8 03:13:17 www4 WPAudit[221182]: 139.162.157.153 tramech.ca "Mozilla/5.0 (Windows NT 10.0; Win6 ... show moreApr 8 03:13:17 www4 WPAudit[221182]: 139.162.157.153 tramech.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" sbd-admin:sbd-admin1234 FAIL Apr 8 04:29:02 www4 WPAudit[225524]: 139.162.157.153 tramech.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" sbd-admin:Sbd-admin@1992 FAIL Apr 8 04:31:27 www4 WPAudit[225756]: 139.162.157.153 tramech.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" sbd-admin:tramech1987 FAIL Apr 8 04:35:09 www4 WPAudit[225849]: 139.162.157.153 tramech.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" sbd-admin:Tramech1998 FAIL Apr 8 04:36:18 www4 WPAudit[225849]: 139.162.157.153 tramech.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/ ... show less	Brute-Force Web App Attack
francoisunix	2025-04-08 08:22:55 (2 weeks ago)	139.162.157.153 - - [08/Apr/2025:06:08:28 +0000] "POST /xmlrpc.php HTTP/1.0" 401 413 "-" "Mozilla/5. ... show more139.162.157.153 - - [08/Apr/2025:06:08:28 +0000] "POST /xmlrpc.php HTTP/1.0" 401 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 139.162.157.153 - - [08/Apr/2025:06:39:14 +0000] "POST /xmlrpc.php HTTP/1.0" 401 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 139.162.157.153 - - [08/Apr/2025:07:37:59 +0000] "POST /xmlrpc.php HTTP/1.0" 401 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 139.162.157.153 - - [08/Apr/2025:08:16:34 +0000] "POST /xmlrpc.php HTTP/1.0" 401 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 139.162.157.153 - - [08/Apr/2025:08:22:53 +0000] "POST /xmlrpc.php HTTP/1.0" 401 413 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 ... show less	Web App Attack
Anonymous	2025-04-08 07:00:49 (2 weeks ago)	Failed Wordpress Logins	Web App Attack
4server	2025-04-08 04:18:21 (2 weeks ago)	[TueApr0806:18:18.9708822025][security2:error][pid1072533:tid1072582][client139.162.157.153:0][clien ... show more[TueApr0806:18:18.9708822025][security2:error][pid1072533:tid1072582][client139.162.157.153:0][client139.162.157.153]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"30\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mail.massimilianoparquet.ch\"][uri\"/wp-login.php\"][unique_id\"Z_Sjiss1dQTkWTbUgGXDcwAAARU\"]\,referer:https://mail.massimilianoparquet.ch/wp-login.php show less	Port Scan Brute-Force Web App Attack
masterguru	2025-04-08 02:44:59 (2 weeks ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (5000900-122)	Web App Attack
masterguru	2025-04-08 01:17:03 (2 weeks ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (1020-123)	Web App Attack
gszasz	2025-04-07 23:36:58 (2 weeks ago)	[Tue Apr 08 01:36:57.693644 2025] [ssl:error] [pid 752175:tid 752298] [client 139.162.157.153:60778] ... show more[Tue Apr 08 01:36:57.693644 2025] [ssl:error] [pid 752175:tid 752298] [client 139.162.157.153:60778] AH02032: Hostname ocwg.physics.muni.cz provided via SNI and hostname bogl.no provided via HTTP have no compatible SSL setup ... show less	Brute-Force Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩