AbuseIPDB » 213.152.161.133

213.152.161.133 was found in our database!

This IP was reported 317 times. Confidence of Abuse is 100%: ?

100%

ISP	Global Layer B.V.
Usage Type	Data Center/Web Hosting/Transit
Hostname(s)	133.161.152.213.in-addr.arpa
Domain Name	global-layer.com
Country	Netherlands
City	Amsterdam, Noord-Holland

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 213.152.161.133

Whois 213.152.161.133

IP Abuse Reports for 213.152.161.133:

This IP address has been reported a total of 317 times from 83 distinct sources. 213.152.161.133 was first reported on March 30th 2021, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
MortimerCat	14 Jan 2023	Attempting to exploit via a http POST	Web App Attack
websase.com	13 Jan 2023	WordPress XMLRPC Brute Force Attacks	Brute-Force Web App Attack
Anonymous	13 Jan 2023	windhundgang.de 213.152.161.133 [13/Jan/2023:11:25:13 +0100] "POST /xmlrpc.php HTTP/1.1" 200 5875 "- ... show morewindhundgang.de 213.152.161.133 [13/Jan/2023:11:25:13 +0100] "POST /xmlrpc.php HTTP/1.1" 200 5875 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36" jannisjulius.de 213.152.161.133 [13/Jan/2023:11:25:19 +0100] "POST /xmlrpc.php HTTP/1.1" 200 5695 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36" show less	Web App Attack
chronos	13 Jan 2023	[[13/01/2023 - 01:49:41 -03:00 UTC] Attack from [Paolo Brini] [213.152.161.133]-[RANGE:2 ... show more[[13/01/2023 - 01:49:41 -03:00 UTC] Attack from [Paolo Brini] [213.152.161.133]-[RANGE:213.152.161.0 - 213.152.161.184] [133.161.152.213.in-addr.arpa] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce s] ... show less	Hacking Web App Attack
MogBox	12 Jan 2023	Web-based Attack: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
psauxit	12 Jan 2023	Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ... show moreFail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping ... show less	Hacking Web App Attack
websase.com	12 Jan 2023	WordPress XMLRPC Brute Force Attacks	Brute-Force Web App Attack
Anonymous	11 Jan 2023	$f2bV_matches	Brute-Force
remi	09 Jan 2023	cms hack attempt	Web App Attack
websase.com	09 Jan 2023	WordPress XMLRPC Brute Force Attacks	Brute-Force Web App Attack
myagent.site	09 Jan 2023	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
MPL	09 Jan 2023	tcp/80 (5 or more attempts)	Port Scan
psauxit	08 Jan 2023	Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ... show moreFail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping ... show less	Hacking Web App Attack
SleepyHosting	08 Jan 2023	(mod_security) mod_security (id:400010) triggered by 213.152.161.133 (NL/Netherlands/133.161.152.213 ... show more(mod_security) mod_security (id:400010) triggered by 213.152.161.133 (NL/Netherlands/133.161.152.213.in-addr.arpa): 5 in the last 3600 secs show less	Brute-Force
remi	08 Jan 2023	cms hack attempt	Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩