JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 188.85.138.120

188.85.138.120 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 58%: ?

58%

ISP	VODAFONE ESPANA, S.A.U
Usage Type	Fixed Line ISP
ASN	AS12430
Hostname(s)	static-120-138-85-188.ipcom.comunitel.net
Domain Name	vodafone.es
Country	🇪🇸 Spain
City	Valencia, Valencia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 188.85.138.120

Whois 188.85.138.120

IP Abuse Reports for 188.85.138.120:

This IP address has been reported a total of 25 times from 12 distinct sources. 188.85.138.120 was first reported on May 8th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ger-stg-sifi1	2026-06-14 15:42:59 (2 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-06-13 17:11:10 (3 days ago)	Attac	Brute-Force
🇫🇷 dynamix	2026-06-12 15:01:52 (4 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-12 15:00:27 (4 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-06-12 13:18:19 (4 days ago)	188.85.138.120 - - [12/Jun/2026:15:17:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 712 "-" "Jetpack by ... show more 188.85.138.120 - - [12/Jun/2026:15:17:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 712 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" 188.85.138.120 - - [12/Jun/2026:15:17:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" 188.85.138.120 - - [12/Jun/2026:15:17:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 712 "-" "Jetpack by WordPress.com" 188.85.138.120 - - [12/Jun/2026:15:17:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 188.85.138.120 - - [12/Jun/2026:15:18:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 712 "-" "Jetpack by WordPress.com" ... show less	Brute-Force Web App Attack
🇩🇪 grassau.com	2026-06-11 18:52:44 (5 days ago)	(wordpress) Failed wordpress login from 188.85.138.120 (ES/Spain/Valencia/Valencia/static-120-138-85 ... show more (wordpress) Failed wordpress login from 188.85.138.120 (ES/Spain/Valencia/Valencia/static-120-138-85-188.ipcom.comunitel.net) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 07:36:48 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 188.85.138.120 (static-120-138-85-188.ipcom.com ... show more (mod_security) mod_security (id:240335) triggered by 188.85.138.120 (static-120-138-85-188.ipcom.comunitel.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 03:36:43.175548 2026] [security2:error] [pid 10754:tid 10754] [client 188.85.138.120:65190] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 188.85.138.120 (+1 hits since last alert)\|rocksolidhomebuilders.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rocksolidhomebuilders.com"] [uri "/xmlrpc.php"] [unique_id "aipli_FKkIKjg3ugW2m_bwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 09:05:14 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 188.85.138.120 (static-120-138-85-188.ipcom.com ... show more (mod_security) mod_security (id:240335) triggered by 188.85.138.120 (static-120-138-85-188.ipcom.comunitel.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 05:05:03.744436 2026] [security2:error] [pid 28970:tid 28970] [client 188.85.138.120:53266] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 188.85.138.120 (+1 hits since last alert)\|anamericanabroad.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "anamericanabroad.com"] [uri "/xmlrpc.php"] [unique_id "aikovysKw9L2hJ_XUzPnlQAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 18:21:04 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 188.85.138.120 (static-120-138-85-188.ipcom.com ... show more (mod_security) mod_security (id:240335) triggered by 188.85.138.120 (static-120-138-85-188.ipcom.comunitel.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:20:57.701386 2026] [security2:error] [pid 24592:tid 24592] [client 188.85.138.120:54519] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 188.85.138.120 (+1 hits since last alert)\|xcarsubscription.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "xcarsubscription.com"] [uri "/xmlrpc.php"] [unique_id "aicICcmE0_pTJmWbLeeRWAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-08 14:25:27 (1 week ago)	(PERMBLOCK) 188.85.138.120 (ES/Spain/static-120-138-85-188.ipcom.comunitel.net) has had more than 4 ... show more (PERMBLOCK) 188.85.138.120 (ES/Spain/static-120-138-85-188.ipcom.comunitel.net) has had more than 4 temp blocks show less	Hacking
🇺🇸 integrantservices.com	2026-06-08 13:19:11 (1 week ago)	(wordpress) Failed wordpress login from 188.85.138.120 (ES/Spain/static-120-138-85-188.ipcom.comunit ... show more (wordpress) Failed wordpress login from 188.85.138.120 (ES/Spain/static-120-138-85-188.ipcom.comunitel.net) show less	Brute-Force
Anonymous	2026-06-04 16:06:03 (1 week ago)	Trying to access config files	Web App Attack
🇺🇸 integrantservices.com	2026-06-04 15:50:00 (1 week ago)	(wordpress) Failed wordpress login from 188.85.138.120 (ES/Spain/static-120-138-85-188.ipcom.comunit ... show more (wordpress) Failed wordpress login from 188.85.138.120 (ES/Spain/static-120-138-85-188.ipcom.comunitel.net) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 07:02:20 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 188.85.138.120 (static-120-138-85-188.ipcom.com ... show more (mod_security) mod_security (id:240335) triggered by 188.85.138.120 (static-120-138-85-188.ipcom.comunitel.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:02:09.658299 2026] [security2:error] [pid 4413:tid 4418] [client 188.85.138.120:63923] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 188.85.138.120 (+1 hits since last alert)\|supercyprus.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "supercyprus.com"] [uri "/xmlrpc.php"] [unique_id "aiEi8b3tCkSilIZj64EFoQAAAMM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TAY	2026-06-02 19:12:00 (2 weeks ago)	188.85.138.120 - - [03/Jun/2026:03:11:08 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4837 "-" "Jetpack by ... show more 188.85.138.120 - - [03/Jun/2026:03:11:08 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4837 "-" "Jetpack by WordPress.com" 188.85.138.120 - - [03/Jun/2026:03:11:37 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4837 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)" 188.85.138.120 - - [03/Jun/2026:03:11:59 +0800] "POST /xmlrpc.php HTTP/1.1" 200 4837 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:c84::98

🇩🇪 213.209.159.242

🇭🇰 199.45.154.128

🇻🇳 116.110.218.1

🇺🇸 66.132.195.29

🇱🇹 62.60.130.14

🇳🇱 5.83.143.123

🇮🇩 202.51.214.98

🇰🇪 197.248.159.62

🇲🇽 187.249.59.202

🇳🇱 185.226.197.47

🇸🇦 178.73.75.97

🇮🇳 168.144.113.130

🇮🇩 165.154.151.176

🇨🇦 159.203.56.37

🇺🇸 148.153.121.224

🇺🇸 147.182.182.147

🇻🇳 123.24.179.131

🇨🇳 117.57.205.36

🇨🇳 116.172.79.4