JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 134.33.68.243

134.33.68.243 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 134.33.68.243

Whois 134.33.68.243

IP Abuse Reports for 134.33.68.243:

This IP address has been reported a total of 24 times from 21 distinct sources. 134.33.68.243 was first reported on June 11th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-11 22:26:31 (16 hours ago)		Brute-Force Web App Attack
Anonymous	2026-06-11 15:02:01 (1 day ago)	[_admin] cross-host-offender: auto: cross-host offender — banned on 3 hosts [httpd-xmlrpc-post]	Hacking Web App Attack
🇫🇷 ELYAZ	2026-06-11 13:10:44 (1 day ago)	(wordpress) Failed wordpress login from 134.33.68.243 (US/United States/-): (CF_ENABLE)	Brute-Force
🇩🇪 4server	2026-06-11 13:09:15 (1 day ago)	[ThuJun1115:09:12.9532162026][security2:error][pid2074754:tid2074794][client134.33.68.243:0]ModSecur ... show more [ThuJun1115:09:12.9532162026][security2:error][pid2074754:tid2074794][client134.33.68.243:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"studio-portale.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiqzeF8X2FoE5fCaGdTBZwAAAEI\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 konseptit	2026-06-11 13:09:10 (1 day ago)	(wordpress) Failed wordpress login from 134.33.68.243 (US/United States/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 12:49:49 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 134.33.68.243 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 134.33.68.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:49:42.836591 2026] [security2:error] [pid 15847:tid 15847] [client 134.33.68.243:31457] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.texaslawman.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.texaslawman.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiqu5lSEvvWaB0SmEmSBLwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 taivas.nl	2026-06-11 12:02:12 (1 day ago)	Wordpress_xmlrpc_attack	Bad Web Bot
🇸🇪 vaia.cloud	2026-06-11 12:02:01 (1 day ago)	trying wp-login.php/xmlrpc.php 31 times in 1 minutes	Brute-Force Web App Attack
🇳🇱 BlueWire Hosting	2026-06-11 11:54:01 (1 day ago)	Probing websites for vulnerabilities	Web App Attack
Anonymous	2026-06-11 11:47:39 (1 day ago)	[redacted] 134.33.68.243 - - [11/Jun/2026:13:47:35 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "M ... show more [redacted] 134.33.68.243 - - [11/Jun/2026:13:47:35 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.37" [redacted] 134.33.68.243 - - [11/Jun/2026:13:47:36 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 134.33.68.243 - - [11/Jun/2026:13:47:36 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 134.33.68.243 - - [11/Jun/2026:13:47:37 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" [redacted] 134.33.68.243 - - [11/Jun/2026:13:47:37 +0200] "POST /xmlrpc.php HTTP/2.0" 200 216 "-" "Moz ... show less	Hacking Web App Attack
Anonymous	2026-06-11 11:45:10 (1 day ago)	Attac	Brute-Force
🇩🇪 grassau.com	2026-06-11 11:41:28 (1 day ago)	(wordpress) Failed wordpress login from 134.33.68.243 (US/United States/Arizona/Phoenix/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 11:40:52 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 134.33.68.243 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 134.33.68.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:40:47.069413 2026] [security2:error] [pid 9624:tid 9624] [client 134.33.68.243:31429] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.guitarwisdom.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.guitarwisdom.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiqevw5_u_gFx1ZjADB4vwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 11:32:06 (1 day ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/2.0, GET /wp-json/wp/v2/users/ HTTP/2. ... show more Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/2.0, GET /wp-json/wp/v2/users/ HTTP/2.0, GET / HTTP/2.0 show less	Hacking Web App Attack
Anonymous	2026-06-11 11:31:40 (1 day ago)	134.33.68.243 - - [11/Jun/2026:13:31:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 ... show more 134.33.68.243 - - [11/Jun/2026:13:31:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.37" 134.33.68.243 - - [11/Jun/2026:13:31:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 134.33.68.243 - - [11/Jun/2026:13:31:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 134.33.68.243 - - [11/Jun/2026:13:31:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 134.33.68.243 - - [11/Jun/2026:13:31:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 451 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0 ... show less	Brute-Force Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.120

🇸🇦 50.60.89.38

🇮🇩 2406:da19:776:6e02:dda4:2f0e:5178:3714

🇺🇸 208.84.100.238

🇮🇳 198.38.85.149

🇲🇽 170.239.148.87

🇷🇴 143.20.185.220

🇩🇪 116.203.164.1

🇭🇰 101.36.108.9

🇺🇸 73.37.27.254

🇬🇧 62.56.246.76

🇺🇸 18.221.179.104

🇨🇳 220.154.133.135

🇬🇧 185.91.69.33

🇺🇸 113.20.4.9

🇳🇱 82.39.86.153

🇮🇳 59.145.170.227

🇺🇸 45.144.115.58

🇺🇸 20.127.204.214

🇨🇳 218.56.160.82