JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.78.66.39

195.78.66.39 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 1%: ?

ISP	CF-Shared-Hosting GD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41079
Hostname(s)	s101.cyber-folks.pl
Domain Name	cyberfolks.pl
Country	🇵🇱 Poland
City	Poznan, Greater Poland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.78.66.39

Whois 195.78.66.39

IP Abuse Reports for 195.78.66.39:

This IP address has been reported a total of 12 times from 12 distinct sources. 195.78.66.39 was first reported on January 6th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 sshtmp	2026-05-21 17:50:36 (3 weeks ago)	[AbuseIPDB auto-report] Attack: WordPress XML-RPC brute-force Hits: 1 \| First: 2026-05-21T19:50:36+0 ... show more [AbuseIPDB auto-report] Attack: WordPress XML-RPC brute-force Hits: 1 \| First: 2026-05-21T19:50:36+02:00 \| Last: 2026-05-21T19:50:36+02:00 Samples: POST /xmlrpc.php [200] show less	Brute-Force Web App Attack
🇩🇪 big-cloud.nl	2026-01-08 11:14:44 (5 months ago)	Try to access /xmlrpc.php	Web App Attack
Anonymous	2026-01-08 08:26:38 (5 months ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-01-08 04:56:57 (5 months ago)	[redacted] 195.78.66.39 - - [08/Jan/2026:05:56:55 +0100] "POST /xmlrpc.php HTTP/2.0" 403 199 "-" "Mo ... show more [redacted] 195.78.66.39 - - [08/Jan/2026:05:56:55 +0100] "POST /xmlrpc.php HTTP/2.0" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" [redacted] 195.78.66.39 - - [08/Jan/2026:05:56:55 +0100] "POST /xmlrpc.php HTTP/2.0" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" [redacted] 195.78.66.39 - - [08/Jan/2026:05:56:56 +0100] "POST /xmlrpc.php HTTP/2.0" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" [redacted] 195.78.66.39 - - [08/Jan/2026:05:56:56 +0100] "POST /xmlrpc.php HTTP/2.0" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299" [redacted] 195.78.66.39 - - [08/Jan/2026:05:56:57 +0100] "POST /xmlrpc.php HTTP/2.0" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKi ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-01-08 04:06:43 (5 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-01-07 23:40:22 (5 months ago)		Brute-Force Web App Attack
🇩🇪 stinpriza	2026-01-07 07:00:05 (5 months ago)	Web App Attack	Web App Attack
🇩🇪 LRob.fr	2026-01-07 04:05:21 (5 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 neverdown.eu	2026-01-07 03:52:49 (5 months ago)	(XMLRPC) WP XMLPRC Attack 195.78.66.39 (PL/Poland/s101.cyber-folks.pl): 5 in the last 60 secs; Ports ... show more (XMLRPC) WP XMLPRC Attack 195.78.66.39 (PL/Poland/s101.cyber-folks.pl): 5 in the last 60 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 195.78.66.39 - - [07/Jan/2026:05:45:15 +0200] "POST /xmlrpc.php HTTP/2" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; MASBJS; rv:11.0) like Gecko" 195.78.66.39 - - [07/Jan/2026:05:45:16 +0200] "POST /xmlrpc.php HTTP/2" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; MASBJS; rv:11.0) like Gecko" 195.78.66.39 - - [07/Jan/2026:05:45:16 +0200] "POST /xmlrpc.php HTTP/2" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; MASBJS; rv:11.0) like Gecko" 195.78.66.39 - - [07/Jan/2026:05:45:17 +0200] "POST /xmlrpc.php HTTP/2" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; MASBJS; rv:11.0) like Gecko" 195.78.66.39 - - [07/Jan/2026:05:45:17 +0200] "POST /xmlrpc.php HTTP/2" 301 795 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; MASBJS; rv:11.0) like Gecko" show less	Port Scan
🇺🇸 TPI-Abuse	2026-01-06 10:43:52 (5 months ago)	(mod_security) mod_security (id:240335) triggered by 195.78.66.39 (s101.cyber-folks.pl): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 195.78.66.39 (s101.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 06 05:43:48.256863 2026] [security2:error] [pid 8297:tid 8297] [client 195.78.66.39:33892] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 195.78.66.39 (+1 hits since last alert)\|bfpsamoa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bfpsamoa.com"] [uri "/xmlrpc.php"] [unique_id "aVznZCq3CcFPkxu7hX6mqwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-06 09:39:51 (5 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇺🇸 octageeks.com	2026-01-06 05:07:28 (5 months ago)	Wordpress malicious attack:[octawp]	Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.221

🇻🇳 103.90.227.203

🇫🇷 62.210.27.138

🇺🇸 34.162.94.162

🇨🇦 3.99.166.72

🇺🇸 216.25.89.128

🇬🇧 193.163.125.185

🇨🇳 175.10.24.18

🇵🇪 161.132.50.236

🇺🇸 154.83.197.68

🇺🇸 136.109.42.190

🇨🇳 123.181.96.244

🇨🇳 114.87.0.45

🇿🇦 105.246.225.93

🇨🇭 92.39.61.22

🇫🇷 91.231.89.229

🇳🇱 45.156.128.74

🇩🇪 43.131.23.154

🇬🇧 35.203.210.123

🇺🇸 20.127.185.37