JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 136.243.166.227

136.243.166.227 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 0%: ?

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	www461.your-server.de
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Nuremberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 136.243.166.227

Whois 136.243.166.227

IP Abuse Reports for 136.243.166.227:

This IP address has been reported a total of 13 times from 11 distinct sources. 136.243.166.227 was first reported on November 10th 2025, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 octageeks.com	2025-11-11 05:10:15 (6 months ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇩🇪 london2038.com	2025-11-10 15:05:37 (7 months ago)	Attacking WordPress 136.243.166.227 - - [10/Nov/2025:16:05:33 +0100] "POST /wp-login.php HTTP/2.0" 5 ... show more Attacking WordPress 136.243.166.227 - - [10/Nov/2025:16:05:33 +0100] "POST /wp-login.php HTTP/2.0" 503 19291 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
Anonymous	2025-11-10 15:00:20 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-10 14:57:49 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 136.243.166.227 (www461.your-server.de): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 136.243.166.227 (www461.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 09:57:45.097943 2025] [security2:error] [pid 17849:tid 17849] [client 136.243.166.227:34424] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.sigridsnaturalfoods.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sigridsnaturalfoods.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRH9aZyX7AcAqjVKAlw9RAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-11-10 14:50:12 (7 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇲🇹 Malta	2025-11-10 14:20:32 (7 months ago)	136.243.166.227 - - [10/Nov/2025:15:20:32 +0100] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 136.243.166.227 - - [10/Nov/2025:15:20:32 +0100] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; ATT-IE11; rv:11.0) like Gecko" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-10 14:07:05 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 136.243.166.227 (www461.your-server.de): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 136.243.166.227 (www461.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 09:06:57.037101 2025] [security2:error] [pid 4800:tid 4800] [client 136.243.166.227:58500] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.mfleetservice.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mfleetservice.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRHxgYJ0Hs0CV7eSZArbeQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 stinpriza	2025-11-10 13:55:42 (7 months ago)	Web App Attack	Web App Attack
🇩🇪 FeG Deutschland	2025-11-10 13:50:44 (7 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-11-10 13:49:48 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 136.243.166.227 (www461.your-server.de): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 136.243.166.227 (www461.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 08:49:40.451093 2025] [security2:error] [pid 23059:tid 23059] [client 136.243.166.227:35902] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.premierveterinarysurgery.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.premierveterinarysurgery.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRHtdFqHak0MgDYGVeryFwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2025-11-10 13:43:05 (7 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 paissangroup	2025-11-10 13:41:24 (7 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 Rey	2025-11-10 13:32:02 (7 months ago)	WordPress xmlrpc.php attack [k93loxmq]	Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.19

🇮🇳 115.241.228.34

🇻🇳 103.161.170.12

🇷🇴 80.94.92.206

🇨🇳 49.77.20.221

🇨🇳 27.43.207.161

🇰🇷 218.156.38.44

🇸🇬 172.217.32.157

🇮🇳 152.32.158.219

🇻🇳 113.190.40.93

🇺🇸 104.210.140.134

🇳🇱 103.176.90.41

🇺🇸 35.247.35.204

🇺🇸 34.74.88.198

🇧🇷 2804:14d:902c:8202:b1ce:286a:1a8e:b498

🇺🇸 208.113.164.244

🇲🇳 203.23.199.88

🇹🇼 198.235.24.58

🇺🇸 195.184.76.139

🇸🇾 185.216.134.126