AbuseIPDB » 185.220.101.42

185.220.101.42 was found in our database!

This IP was reported 5,417 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Zwiebelfreunde E.V.
Usage Type	Data Center/Web Hosting/Transit
Hostname(s)	tor-exit-42.for-privacy.net
Domain Name	zwiebelfreunde.de
Country	Netherlands
City	Amsterdam, Noord-Holland

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 185.220.101.42

Whois 185.220.101.42

IP Abuse Reports for 185.220.101.42:

This IP address has been reported a total of 5,417 times from 367 distinct sources. 185.220.101.42 was first reported on December 21st 2020, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
Kreapptivo	11 hours ago	[25/Sep/2023:14:26:08 +0200] Web-Request: "POST /wp-login.php", User-Agent: "-"	Bad Web Bot Web App Attack
oncord	24 Sep 2023	Form spam	Web Spam
psauxit	23 Sep 2023	Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ... show moreFail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping show less	Hacking Web App Attack
stinpriza	22 Sep 2023	WP Authentication attempt for unknown user	Brute-Force Web App Attack
ASPAN	22 Sep 2023	Unsolicited connection attempt(s), port:13.	Port Scan
MPL	21 Sep 2023	tcp/13 (6 or more attempts)	Port Scan
oncord	21 Sep 2023	Form spam	Web Spam
Rizzy	20 Sep 2023	WAF Violation	Brute-Force Web App Attack
rsiddall	19 Sep 2023	185.220.101.42 - - [19/Sep/2023:11:20:19 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5. ... show more185.220.101.42 - - [19/Sep/2023:11:20:19 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36" 185.220.101.42 - - [19/Sep/2023:11:20:20 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36" ... show less	Brute-Force
rsiddall	19 Sep 2023	185.220.101.42 - - [19/Sep/2023:08:13:22 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5. ... show more185.220.101.42 - - [19/Sep/2023:08:13:22 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/601.4.4 (KHTML, like Gecko) Version/9.0.3 Safari/601.4.4" 185.220.101.42 - - [19/Sep/2023:08:13:23 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/601.4.4 (KHTML, like Gecko) Version/9.0.3 Safari/601.4.4" ... show less	Brute-Force
cusezar.com	18 Sep 2023	185.220.101.42 /xmlrpc.php	Brute-Force
woutvde	18 Sep 2023		Web App Attack
Birdflew	17 Sep 2023	Port scanning	Hacking
Jim Keir	17 Sep 2023	2023-09-17 02:22:46 185.220.101.42 File scanning, blocking 185.220.101.42 for 5 minutes	Web App Attack
rsiddall	16 Sep 2023	185.220.101.42 - - [16/Sep/2023:18:50:42 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5. ... show more185.220.101.42 - - [16/Sep/2023:18:50:42 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 Edg/88.0.705.81" 185.220.101.42 - - [16/Sep/2023:18:50:42 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36 Edg/88.0.705.81" ... show less	Brute-Force

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩