JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 43.252.215.241

43.252.215.241 was found in our database!

This IP was reported 293 times. Confidence of Abuse is 100%: ?

100%

ISP	Exa Bytes Network Sdn.Bhd.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46015
Hostname(s)	server.ikim.gov.my
Domain Name	exabytes.my
Country	🇲🇾 Malaysia
City	Kuala Lumpur, Kuala Lumpur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 43.252.215.241

Whois 43.252.215.241

IP Abuse Reports for 43.252.215.241:

This IP address has been reported a total of 293 times from 112 distinct sources. 43.252.215.241 was first reported on June 8th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Bytemark	2026-06-21 20:13:12 (20 hours ago)	43.252.215.241 - - [21/Jun/2026:21:13:03 +0100] "GET /xmlrpc.php HTTP/1.1" 404 27 "http://xiaomi.eu/ ... show more 43.252.215.241 - - [21/Jun/2026:21:13:03 +0100] "GET /xmlrpc.php HTTP/1.1" 404 27 "http://xiaomi.eu/xmlrpc.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" 43.252.215.241 - - [21/Jun/2026:21:13:04 +0100] "GET /xmlrpc.php HTTP/1.1" 404 27 "http://xiaomi.eu/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36" 43.252.215.241 - - [21/Jun/2026:21:13:11 +0100] "GET /wp-login.php HTTP/1.1" 404 27 "http://xiaomi.eu/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" show less	Brute-Force Web App Attack
🇮🇱 spd.co.il	2026-06-21 17:02:32 (1 day ago)	Port scan detected on multiple ports	Port Scan
🇮🇩 soc-yk	2026-06-21 16:42:14 (1 day ago)	Type: credential_attack Risk: 92 Events: 1521 Evidence: - Repeated authentication attack activity d ... show more Type: credential_attack Risk: 92 Events: 1521 Evidence: - Repeated authentication attack activity detected - Credential abuse behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Brute-Force SSH
🇺🇸 island-freaks.com	2026-06-21 15:38:52 (1 day ago)	Attack Type: Malicious Server attempt on /wp-admin/ \| DNS server.ikim.gov.my \| Agent: Mozilla/5.0 (X ... show more Attack Type: Malicious Server attempt on /wp-admin/ \| DNS server.ikim.gov.my \| Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 show less	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack
🇫🇷 Baking333	2026-06-21 13:04:02 (1 day ago)	[redacted] 43.252.215.241 - - [21/Jun/2026:14:04:00 +0100] "GET /[redacted] HTTP/1.1" 302 1593 0/109 ... show more [redacted] 43.252.215.241 - - [21/Jun/2026:14:04:00 +0100] "GET /[redacted] HTTP/1.1" 302 1593 0/109617 "http://[redacted]/[redacted]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" [redacted] 43.252.215.241 - - [21/Jun/2026:14:04:00 +0100] "GET / HTTP/1.1" 200 6757 0/229739 "https://[redacted]/[redacted]" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" show less	Bad Web Bot Web App Attack
🇬🇧 Bytemark	2026-06-21 11:46:01 (1 day ago)	43.252.215.241 - - [21/Jun/2026:12:45:57 +0100] "GET /xmlrpc.php HTTP/1.1" 301 5748 "http://distance ... show more 43.252.215.241 - - [21/Jun/2026:12:45:57 +0100] "GET /xmlrpc.php HTTP/1.1" 301 5748 "http://distancelearningcentre.com/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" 43.252.215.241 - - [21/Jun/2026:12:45:58 +0100] "GET /xmlrpc.php HTTP/1.1" 404 5561 "https://distancelearningcentre.com/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" 43.252.215.241 - - [21/Jun/2026:12:46:00 +0100] "GET /xmlrpc.php HTTP/1.1" 301 5748 "http://distancelearningcentre.com/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" show less	Brute-Force Web App Attack
🇮🇩 soc-yk	2026-06-21 08:55:16 (1 day ago)	Type: suspicious_network_activity Risk: 76 Events: 2280 Evidence: - Persistent suspicious network a ... show more Type: suspicious_network_activity Risk: 76 Events: 2280 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇩🇪 MusicLibrary	2026-06-21 08:36:20 (1 day ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇬🇧 consul.to	2026-06-21 07:24:44 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇧🇪 voormedia	2026-06-21 06:48:43 (1 day ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇬🇧 Bytemark	2026-06-21 06:40:56 (1 day ago)	43.252.215.241 - - [21/Jun/2026:07:40:07 +0100] "GET /xmlrpc.php HTTP/1.1" 404 27 "http://xiaomi.eu/ ... show more 43.252.215.241 - - [21/Jun/2026:07:40:07 +0100] "GET /xmlrpc.php HTTP/1.1" 404 27 "http://xiaomi.eu/xmlrpc.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36" 43.252.215.241 - - [21/Jun/2026:07:40:12 +0100] "GET /xmlrpc.php HTTP/1.1" 404 27 "http://xiaomi.eu/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" 43.252.215.241 - - [21/Jun/2026:07:40:56 +0100] "GET /wp-login.php HTTP/1.1" 404 27 "http://xiaomi.eu/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" show less	Brute-Force Web App Attack
Anonymous	2026-06-21 06:33:10 (1 day ago)	Attac	Brute-Force
🇧🇷 dominioz	2026-06-21 06:18:07 (1 day ago)	2026-06-21 06:16:54 POST /wp/xmlrpc.php - - 43.252.215.241 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+ ... show more 2026-06-21 06:16:54 POST /wp/xmlrpc.php - - 43.252.215.241 HTTP/1.1 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/138.0.0.0+Safari/537.36 - 404 5123 2026-06-21 06:17:21 POST /web/xmlrpc.php - - 43.252.215.241 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:140.0)+Gecko/20100101+Firefox/140.0 - 404 0 2026-06-21 06:17:21 POST /web/xmlrpc.php - - 43.252.215.241 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:140.0)+Gecko/20100101+Firefox/140.0 - 404 0 ... show less	Web App Attack
🇩🇪 Skyrider	2026-06-20 11:05:08 (2 days ago)	Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.	Bad Web Bot Web App Attack
🇭🇺 kranem	2026-06-20 09:00:38 (2 days ago)	Triggered Cloudflare WAF from MY. Action taken: BLOCK ASN: 46015 (Exa Bytes Network Sdn.Bhd.) Protoc ... show more Triggered Cloudflare WAF from MY. Action taken: BLOCK ASN: 46015 (Exa Bytes Network Sdn.Bhd.) Protocol: HTTP/1.1 (GET method) Endpoint: /wp-login.php Timestamp: 2026-06-20T08:30:18Z User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0 show less	Bad Web Bot

Showing 1 to 15 of 293 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 181.215.65.16

🇩🇪 167.94.146.46

🇧🇩 103.168.8.186

🇳🇱 91.92.40.28

🇱🇻 81.30.98.158

🇨🇳 60.12.5.190

🇵🇱 20.215.211.246

🇺🇸 20.81.46.129

🇮🇳 2406:b400:d13:e183:6027:f98a:e9c6:3c52

🇨🇳 220.154.143.136

🇺🇸 216.180.246.69

🇳🇱 176.65.139.181

🇺🇸 172.202.118.119

🇺🇸 136.144.35.79

🇱🇻 81.30.98.144

🇩🇪 49.51.166.228

🇪🇬 41.128.143.19

🇫🇮 2a00:1450:4010:c0e::12b

🇬🇧 193.163.125.97

🇲🇽 187.216.224.85