JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.76.213.235

41.76.213.235 was found in our database!

This IP was reported 552 times. Confidence of Abuse is 100%: ?

100%

ISP	AFRIHOST SP (PTY) LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37611
Hostname(s)	dynamicpos.dedicated.co.za
Domain Name	afrihost.com
Country	🇿🇦 South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.76.213.235

Whois 41.76.213.235

IP Abuse Reports for 41.76.213.235:

This IP address has been reported a total of 552 times from 154 distinct sources. 41.76.213.235 was first reported on January 26th 2026, and the most recent report was 30 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Mundo Bueno	2026-06-04 02:53:33 (30 minutes ago)	[ISILIA Protection v2.1] Tentative d'accès: /wp-json/wp/v2/users/me \| Pays: ZA \| UA: Mozilla/5.0 (X1 ... show more [ISILIA Protection v2.1] Tentative d'accès: /wp-json/wp/v2/users/me \| Pays: ZA \| UA: Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0 show less	Hacking Web App Attack
🇺🇸 mind5t0rm	2026-06-04 01:42:33 (1 hour ago)	(WPLOGIN) WP Login Attack 41.76.213.235 (dynamicpos.dedicated.co.za): 3 in the last 3600 secs; Ports ... show more (WPLOGIN) WP Login Attack 41.76.213.235 (dynamicpos.dedicated.co.za): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 41.76.213.235 - - [04/Jun/2026:08:00:52 +0700] "GET /wp-login.php HTTP/1.1" 200 2423 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" 41.76.213.235 - - [04/Jun/2026:08:00:55 +0700] "POST /wp-login.php HTTP/1.1" 200 2584 "https://nattour.gr/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" 41.76.213.235 - - [04/Jun/2026:08:42:29 +0700] "GET /wp-login.php HTTP/2.0" 200 3163 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" show less	Port Scan
🇫🇷 dynamix	2026-06-04 01:22:37 (2 hours ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇺🇸 mind5t0rm	2026-06-03 23:52:16 (3 hours ago)	(WPLOGIN) WP Login Attack 41.76.213.235 (dynamicpos.dedicated.co.za): 3 in the last 3600 secs; Ports ... show more (WPLOGIN) WP Login Attack 41.76.213.235 (dynamicpos.dedicated.co.za): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 41.76.213.235 - - [04/Jun/2026:06:02:55 +0700] "GET /wp-login.php HTTP/2.0" 200 3166 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" 41.76.213.235 - - [04/Jun/2026:06:03:00 +0700] "POST /wp-login.php HTTP/2.0" 200 4194 "https://thevasilis.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" 41.76.213.235 - - [04/Jun/2026:06:52:12 +0700] "GET /wp-login.php HTTP/2.0" 200 2484 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Port Scan
🇩🇪 london2038.com	2026-06-03 23:37:41 (3 hours ago)	Probing for exploits 41.76.213.235 - - [04/Jun/2026:01:37:33 +0200] "GET /wp-login.php HTTP/2.0" 301 ... show more Probing for exploits 41.76.213.235 - - [04/Jun/2026:01:37:33 +0200] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" 41.76.213.235 - - [04/Jun/2026:01:37:40 +0200] "POST /wp-login.php HTTP/2.0" 301 0 "https://v97746.<REDACTED>/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" show less	Hacking Web App Attack
🇵🇱 bmino.pl	2026-06-03 23:02:47 (4 hours ago)	Autoban IP(2): 41.76.213.235 - Hostname: AFRIHOST SP (PTY) LTD - City: Johannesburg - Region: Gauten ... show more Autoban IP(2): 41.76.213.235 - Hostname: AFRIHOST SP (PTY) LTD - City: Johannesburg - Region: Gauteng - Country: South Africa - Location: - Organization: Afrihost - failed attempts. show less	Web App Attack
🇬🇧 spamverify.com	2026-06-03 22:39:57 (4 hours ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇫🇷 tecnicorioja	2026-06-03 22:00:22 (5 hours ago)	POST /xmlrpc.php [03/Jun/2026:12:18:04	Brute-Force Web App Attack
🇫🇷 Yepngo	2026-06-03 21:05:08 (6 hours ago)	41.76.213.235 - - [03/Jun/2026:23:05:07 +0200] "POST /xmlrpc.php HTTP/2.0" 200 408 "-" "Mozilla/5.0 ... show more 41.76.213.235 - - [03/Jun/2026:23:05:07 +0200] "POST /xmlrpc.php HTTP/2.0" 200 408 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇲🇾 Rizzy	2026-06-03 20:53:35 (6 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 Prodscape	2026-06-03 19:35:54 (7 hours ago)	(WPLOGIN) WP Login Attack 41.76.213.235 (ZA/South Africa/dynamicpos.dedicated.co.za): 5 in the last ... show more (WPLOGIN) WP Login Attack 41.76.213.235 (ZA/South Africa/dynamicpos.dedicated.co.za): 5 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER show less	Port Scan
🇬🇧 consul.to	2026-06-03 18:45:00 (8 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 Yepngo	2026-06-03 17:34:16 (9 hours ago)	41.76.213.235 - - [03/Jun/2026:19:34:16 +0200] "POST /wp-login.php HTTP/2.0" 200 12103 "https://blog ... show more 41.76.213.235 - - [03/Jun/2026:19:34:16 +0200] "POST /wp-login.php HTTP/2.0" 200 12103 "https://blog.yepngo.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇬🇧 spamverify.com	2026-06-03 17:07:36 (10 hours ago)	Honeypot Hit: xmlrpc.php	Web Spam Blog Spam Bad Web Bot Web App Attack
🇺🇸 dtorrer	2026-06-03 16:57:37 (10 hours ago)	Brute-force general attack.	Brute-Force

Showing 1 to 15 of 552 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 191.36.154.175

🇨🇦 168.138.90.7

🇧🇷 129.121.37.21

🇨🇳 117.50.187.13

🇺🇸 45.130.83.90

🇸🇬 45.82.78.100

🇬🇧 35.203.210.223

🇭🇰 20.205.34.2

🇰🇷 210.183.21.53

🇺🇸 184.168.147.110

🇺🇸 162.216.150.193

🇰🇷 140.238.18.9

🇵🇭 113.19.141.77

🇧🇷 108.165.230.148

🇷🇴 80.94.92.177

🇺🇸 64.62.197.68

🇪🇬 62.193.91.121

🇳🇱 45.148.10.147

🇸🇬 43.98.173.54

🇧🇪 34.77.202.172