JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 137.255.61.229

137.255.61.229 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 52%: ?

52%

ISP	SOCIETE BENINOISE D'INFRASTRUCTURES NUMERIQUES
Usage Type	Fixed Line ISP
ASN	AS328228
Domain Name	celtiis.bj
Country	🇧🇯 Benin
City	Abomey-Calavi, Atlantique

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 137.255.61.229

Whois 137.255.61.229

IP Abuse Reports for 137.255.61.229:

This IP address has been reported a total of 8 times from 8 distinct sources. 137.255.61.229 was first reported on June 13th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇿 Tripwire	2026-06-15 12:38:58 (2 days ago)	Probing for Wordpress - /xmlrpc.php	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 21:15:09 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 137.255.61.229 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 137.255.61.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:15:04.836546 2026] [security2:error] [pid 24291:tid 24291] [client 137.255.61.229:46757] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cajunpicasso.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cajunpicasso.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai8Z2Jui9OOJTJVTKEarngAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-14 18:45:04 (3 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-14 09:03:46 (4 days ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 stinpriza	2026-06-14 02:23:35 (4 days ago)	Web App Attack	Web App Attack
🇩🇪 big-cloud.nl	2026-06-13 22:13:38 (4 days ago)	Try to access /xmlrpc.php	Web App Attack
🇫🇮 inlink.ltd	2026-06-13 19:13:37 (4 days ago)	Known malicious PHP file or CMS probe	Web App Attack
🇩🇪 4server	2026-06-13 17:20:42 (4 days ago)	[SatJun1319:20:36.5870992026][security2:error][pid1443124:tid1443214][client137.255.61.229:0]ModSecu ... show more [SatJun1319:20:36.5870992026][security2:error][pid1443124:tid1443214][client137.255.61.229:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"admin-services.ch\"][uri\"/xmlrpc.php\"][unique_id\"ai2RZCRE-rAglIY0-Ov1eAAAAME\"] show less	Port Scan Brute-Force Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.119.224.238

🇭🇰 172.216.245.53

🇨🇦 85.217.149.6

🇮🇪 82.29.214.154

🇳🇱 45.142.193.122

🇨🇳 43.136.81.242

🇨🇳 14.29.184.206

🇨🇴 190.108.79.142

🇫🇷 178.237.102.52

🇸🇬 145.223.130.97

🇮🇳 128.185.197.42

🇦🇺 103.114.59.36

🇧🇪 34.77.31.148

🇬🇪 2.57.217.229

🇫🇮 204.168.255.141

🇧🇷 200.232.114.71

🇨🇳 171.104.83.150

🇵🇭 124.104.164.28

🇻🇳 116.103.16.19

🇷🇺 91.146.24.164