JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.118.18.113

212.118.18.113 was found in our database!

This IP was reported 79 times. Confidence of Abuse is 77%: ?

77%

ISP	Batelco Jordan
Usage Type	Fixed Line ISP
ASN	AS9038
Hostname(s)	212.118.18.113.ua.batelco.jo
Domain Name	batelco.jo
Country	🇯🇴 Jordan
City	Al Khalidiyah, Mafraq

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.118.18.113

Whois 212.118.18.113

IP Abuse Reports for 212.118.18.113:

This IP address has been reported a total of 79 times from 47 distinct sources. 212.118.18.113 was first reported on February 22nd 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-18 05:05:44 (4 days ago)	Xmlrpc Caught (6)	Brute-Force Web App Attack
🇬🇧 Birdo	2026-06-17 08:29:51 (5 days ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Exploited Host Brute-Force Port Scan Hacking
Anonymous	2026-06-11 07:55:05 (1 week ago)	Bot / scanning and/or hacking attempts: GET /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇩🇪 4server	2026-06-10 11:38:08 (1 week ago)	[WedJun1013:38:04.4950912026][security2:error][pid278024:tid278142][client212.118.18.113:0]ModSecuri ... show more [WedJun1013:38:04.4950912026][security2:error][pid278024:tid278142][client212.118.18.113:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"giftech.ch\"][uri\"/xmlrpc.php\"][unique_id\"ailMnMf2D8m8zHfdY-v3xAAAAMg\"] show less	Port Scan Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-10 10:08:41 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇸🇪 vaia.cloud	2026-06-10 08:24:01 (1 week ago)	trying wp-login.php/xmlrpc.php 32 times in 1 minutes	Brute-Force Web App Attack
🇺🇸 WellSpring	2026-06-08 05:55:26 (2 weeks ago)	xmlrpc exploit on 802.today/xmlrpc.php — WellSpr.ing/NetSentinel civic-AI security layer	Brute-Force Web App Attack
🇸🇪 vaia.cloud	2026-06-04 06:41:04 (2 weeks ago)	trying wp-login.php/xmlrpc.php 31 times in 1 minutes	Brute-Force Web App Attack
🇳🇱 MM-bot	2026-06-04 06:35:08 (2 weeks ago)	URL-probe: HTTP/1.1 POST request on /xmlrpc.php (2026-06-04 08:35:08 UTC+2)	Web App Attack Hacking
Anonymous	2026-06-02 08:48:47 (2 weeks ago)	(wordpress) Failed wordpress login from 212.118.18.113 (JO/Jordan/212.118.18.113.ua.batelco.jo)	Brute-Force
🇩🇪 4server	2026-06-02 07:54:10 (2 weeks ago)	[TueJun0209:54:07.3957322026][security2:error][pid4006663:tid4006776][client212.118.18.113:0]ModSecu ... show more [TueJun0209:54:07.3957322026][security2:error][pid4006663:tid4006776][client212.118.18.113:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"jrtradeinnovation.ch\"][uri\"/xmlrpc.php\"][unique_id\"ah6MH0eEdVuZnwUgVi8F4QAAAMw\"] show less	Port Scan Brute-Force Web App Attack
🇧🇷 Francisco Carlos	2026-06-02 07:45:57 (2 weeks ago)	Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: shell-upload, wordpress. S ... show more Honeypot captured 1 automated attack/scan requests (JR Save Tech). Types: shell-upload, wordpress. Sample: GET /xmlrpc.php show less	Hacking Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-06-02 07:35:49 (2 weeks ago)	2026-06-02 @ 09:35:49 (CET) ~ Blocked for trying to access: /xmlrpc.php	Web App Attack
🇫🇮 inlink.ltd	2026-06-01 09:04:52 (3 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇩🇪 ghostwarriors	2026-06-01 07:50:04 (3 weeks ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack

Showing 1 to 15 of 79 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.242

🇺🇸 162.216.149.242

🇺🇸 74.82.47.30

🇨🇳 42.247.107.130

🇧🇴 181.114.83.155

🇷🇺 176.113.245.69

🇫🇮 147.185.133.143

🇮🇳 135.235.138.254

🇸🇨 45.194.67.27

🇨🇳 43.226.37.33

🇺🇸 40.76.124.195

🇯🇵 8.216.10.200

🇺🇸 2604:a880:2:d1:0:1:51e8:8001

🇭🇰 199.45.155.66

🇬🇧 193.163.125.10

🇧🇷 179.102.26.14

🇳🇱 176.65.148.158

🇺🇸 158.222.115.92

🇺🇸 71.31.176.7

🇺🇸 44.245.220.108