AbuseIPDB » 213.152.161.138

213.152.161.138 was found in our database!

This IP was reported 1,288 times. Confidence of Abuse is 89%: ?

89%

ISP	AirVPN.org
Usage Type	Data Center/Web Hosting/Transit
ASN	AS49453
Domain Name	airvpn.org
Country	Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 213.152.161.138

Whois 213.152.161.138

IP Abuse Reports for 213.152.161.138:

This IP address has been reported a total of 1,288 times from 210 distinct sources. 213.152.161.138 was first reported on March 17th 2021, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
mgarofano80	2025-05-21 21:40:27 (11 hours ago)		Brute-Force Web App Attack
Anonymous	2025-05-21 21:34:46 (11 hours ago)	XMLRPC Hack Attempts	Hacking Brute-Force
octageeks.com	2025-05-20 04:07:44 (2 days ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
mind5t0rm	2025-05-20 03:20:26 (2 days ago)	(XMLRPC) WP XMLPRC Attack 213.152.161.138 (NL/The Netherlands/-): 3 in the last 3600 secs; Ports: *; ... show more(XMLRPC) WP XMLPRC Attack 213.152.161.138 (NL/The Netherlands/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 213.152.161.138 - - [20/May/2025:10:10:42 +0700] "POST /xmlrpc.php HTTP/1.1" 200 270 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 213.152.161.138 - - [20/May/2025:10:16:32 +0700] "POST /xmlrpc.php HTTP/1.1" 200 229 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" 213.152.161.138 - - [20/May/2025:10:20:16 +0700] "POST /xmlrpc.php HTTP/1.1" 200 229 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" show less	Port Scan
ipoac.nl	2025-05-20 03:17:50 (2 days ago)	2025-05-20T05:17:48.926166+02:00 ipoac.nl wordpress(***)[1692]: XML-RPC authentication failure for** ... show more2025-05-20T05:17:48.926166+02:00 ipoac.nl wordpress(***)[1692]: XML-RPC authentication failure for***from 213.152.161.138 show less	Web App Attack
marzzzello	2025-05-19 13:26:14 (2 days ago)	Ports: 4x 41961	Port Scan
MAGIC	2025-05-19 10:14:41 (2 days ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
LRob.fr	2025-05-19 09:45:05 (2 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
ipoac.nl	2025-05-19 09:38:56 (2 days ago)	2025-05-19T11:38:55.903311+02:00 ipoac.nl wordpress(***)[1688]: XML-RPC authentication failure for** ... show more2025-05-19T11:38:55.903311+02:00 ipoac.nl wordpress(***)[1688]: XML-RPC authentication failure for***from 213.152.161.138 show less	Web App Attack
hostseries	2025-05-19 09:36:32 (2 days ago)	Trigger: LF_MODSEC	Brute-Force
Anonymous	2025-05-19 09:32:54 (2 days ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
mgarofano80	2025-05-19 09:29:51 (2 days ago)		Brute-Force Web App Attack
Linuxmalwarehuntingnl	2025-05-17 10:22:52 (4 days ago)	Suspicious web activity: Multiple 404 status codes detected. Example request: "GET / HTTP/1.1"	Brute-Force Web App Attack
Steve	2025-05-10 11:52:19 (1 week ago)	Excessive crawling - not obeying robots.txt	Bad Web Bot
Linuxmalwarehuntingnl	2025-05-04 14:20:58 (2 weeks ago)	Suspicious web activity: Multiple 404 status codes detected. Example request: "GET / HTTP/1.1"	Brute-Force Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩