JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 81.202.73.120

81.202.73.120 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 35%: ?

35%

ISP	VODAFONE ONO, S.A.
Usage Type	Fixed Line ISP
ASN	AS6739
Hostname(s)	81.202.73.120.dyn.user.ono.com
Domain Name	vodafone.es
Country	🇪🇸 Spain
City	Barcelona, Catalonia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 81.202.73.120

Whois 81.202.73.120

IP Abuse Reports for 81.202.73.120:

This IP address has been reported a total of 13 times from 6 distinct sources. 81.202.73.120 was first reported on April 30th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-25 17:09:06 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): ... show more (mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 13:09:01.864452 2026] [security2:error] [pid 5112:tid 5112] [client 81.202.73.120:30603] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 81.202.73.120 (+1 hits since last alert)\|uccryakima.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "uccryakima.org"] [uri "/xmlrpc.php"] [unique_id "aj1grcwa79SO8EtUE1cvyAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-25 15:52:44 (1 day ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 15:26:34 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): ... show more (mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:26:27.945447 2026] [security2:error] [pid 25236:tid 25236] [client 81.202.73.120:54441] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 81.202.73.120 (+1 hits since last alert)\|nypatriotcards.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nypatriotcards.com"] [uri "/xmlrpc.php"] [unique_id "aj1Io5uWaM3BrRg-a94bdwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 09:29:35 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): ... show more (mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 05:29:28.057483 2026] [security2:error] [pid 18860:tid 18860] [client 81.202.73.120:46207] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 81.202.73.120 (+1 hits since last alert)\|americanureport.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "americanureport.com"] [uri "/xmlrpc.php"] [unique_id "ajeu-IsDdL1nS6mWhMqppQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 08:57:51 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): ... show more (mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 04:57:45.596855 2026] [security2:error] [pid 10845:tid 10845] [client 81.202.73.120:33679] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 81.202.73.120 (+1 hits since last alert)\|jimrichardart.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jimrichardart.com"] [uri "/xmlrpc.php"] [unique_id "ajenidcHASKoM7DN6c1WFAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-19 16:42:42 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-06-19 15:18:44 (1 week ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS	Web App Attack
🇱🇻 garmtech.com	2026-06-14 07:07:51 (1 week ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 09:21:57 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): ... show more (mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 05:21:49.586200 2026] [security2:error] [pid 22197:tid 22197] [client 81.202.73.120:13127] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 81.202.73.120 (+1 hits since last alert)\|realdesigninterior.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "realdesigninterior.com"] [uri "/xmlrpc.php"] [unique_id "aip-LZx37ajiqLK1mHSiEAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-05-27 00:06:49 (4 weeks ago)	(xmlrpc_405) XMLRPC-Bot 405 81.202.73.120 (ES/Spain/81.202.73.120.dyn.user.ono.com)	Hacking
Anonymous	2026-05-26 22:36:10 (4 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-10 10:36:38 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): ... show more (mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 06:36:32.943345 2026] [security2:error] [pid 20562:tid 20562] [client 81.202.73.120:33389] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 81.202.73.120 (+1 hits since last alert)\|websitesforauthors.design\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "websitesforauthors.design"] [uri "/xmlrpc.php"] [unique_id "agBfsJMj04mhKt9jje5Z3QAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-30 17:22:37 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): ... show more (mod_security) mod_security (id:240335) triggered by 81.202.73.120 (81.202.73.120.dyn.user.ono.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 13:22:30.419435 2026] [security2:error] [pid 29791:tid 29791] [client 81.202.73.120:3762] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 81.202.73.120 (+1 hits since last alert)\|onlinesuretybonds.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "onlinesuretybonds.com"] [uri "/xmlrpc.php"] [unique_id "afOP1spjvGl40VkrbVxMWAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 204.93.184.252

🇧🇷 187.51.208.158

🇮🇶 169.224.8.132

🇮🇳 124.253.204.60

🇨🇳 106.92.111.30

🇮🇩 103.154.231.122

🇺🇸 74.7.242.137

🇫🇷 62.35.63.71

🇬🇧 5.226.140.108

🇺🇸 162.216.149.226

🇺🇸 66.132.172.155

🇨🇳 58.255.236.157

🇳🇱 45.148.146.49

🇧🇷 45.140.193.156

🇧🇷 20.226.8.231

🇦🇷 191.241.142.170

🇱🇹 62.60.130.219

🇸🇬 45.78.198.199

🇮🇳 45.40.57.172

🇧🇪 198.235.24.244