JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 147.93.168.136

147.93.168.136 was found in our database!

This IP was reported 166 times. Confidence of Abuse is 100%: ?

100%

ISP	Contabo GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS141995
Hostname(s)	vmi3308573.contaboserver.net
Domain Name	contabo.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 147.93.168.136

Whois 147.93.168.136

IP Abuse Reports for 147.93.168.136:

This IP address has been reported a total of 166 times from 78 distinct sources. 147.93.168.136 was first reported on May 25th 2026, and the most recent report was 36 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 masterguru	2026-05-30 23:15:01 (3 days ago)	(wplogin) Failed WordPress login from 147.93.168.136 (NL/The Netherlands/vmi3308573.contaboserver.ne ... show more (wplogin) Failed WordPress login from 147.93.168.136 (NL/The Netherlands/vmi3308573.contaboserver.net): 5 in the last 3600 secs (0-122) show less	Hacking
🇩🇪 bsoft.de	2026-05-30 23:09:32 (3 days ago)	147.93.168.136 - - [30/May/2026:20:20:35 +0200] "GET /wp-login.php HTTP/1.1" 404 132092 "-" "Mozilla ... show more 147.93.168.136 - - [30/May/2026:20:20:35 +0200] "GET /wp-login.php HTTP/1.1" 404 132092 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 147.93.168.136 - - [30/May/2026:22:34:57 +0200] "GET /wp-login.php HTTP/1.1" 404 131802 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 147.93.168.136 - - [31/May/2026:01:09:31 +0200] "GET /wp-login.php HTTP/1.1" 404 70048 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Web App Attack
🇩🇪 LRob.fr	2026-05-30 23:00:17 (3 days ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇺🇸 TPI-Abuse	2026-05-30 22:39:29 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 147.93.168.136 (vmi3308573.contaboserver.net): ... show more (mod_security) mod_security (id:225170) triggered by 147.93.168.136 (vmi3308573.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 18:39:22.367168 2026] [security2:error] [pid 27312:tid 27312] [client 147.93.168.136:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mail.rodrigoaldecoa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.rodrigoaldecoa.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahtnGvvF-7IfsHAWFu-qkwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tecnicorioja	2026-05-30 22:00:57 (3 days ago)	wp-login attack [30/May/2026:13:15:18	Brute-Force Web App Attack
🇨🇦 polycoda	2026-05-30 21:06:37 (4 days ago)	📄 Probes for tons of inexistent files and/or PHP scripts	Hacking Web App Attack
🇮🇹 mgarofano80	2026-05-30 20:57:03 (4 days ago)		Brute-Force Web App Attack
Anonymous	2026-05-30 19:56:51 (4 days ago)	(caddyscan) Scanner path probe from 147.93.168.136 (NL/The Netherlands/vmi3308573.contaboserver.net) ... show more (caddyscan) Scanner path probe from 147.93.168.136 (NL/The Netherlands/vmi3308573.contaboserver.net): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 147.93.168.136 - - [30/May/2026:19:05:53 +0000] "GET /xmlrpc.php HTTP/1.1" [REDACTED] 200 2627 147.93.168.136 - - [30/May/2026:19:05:53 +0000] "GET /wp-admin/ HTTP/1.1" [REDACTED] 200 2627 147.93.168.136 - - [30/May/2026:19:56:42 +0000] "GET /wp-admin/ HTTP/1.1" [REDACTED] 200 2627 147.93.168.136 - - [30/May/2026:19:56:45 +0000] "GET /xmlrpc.php HTTP/1.1" [REDACTED] 200 2627 147.93.168.136 - - [30/May/2026:19:56:45 +0000] "GET /wp-login.php HTTP/1.1" show less	Port Scan
🇫🇷 ELYAZ	2026-05-30 18:25:41 (4 days ago)	(y4) Failed scan -byebye- from 147.93.168.136 (IN/India/vmi3308573.contaboserver.net): (CF_ENABLE)	Hacking
🇦🇺 paulshipley.com.au	2026-05-30 17:49:06 (4 days ago)	shop.levellapromotions.com.au:443 147.93.168.136 - - [31/May/2026:03:49:04 +1000] "GET /?author=13 H ... show more shop.levellapromotions.com.au:443 147.93.168.136 - - [31/May/2026:03:49:04 +1000] "GET /?author=13 HTTP/1.1" 404 198063 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" ... show less	Web App Attack
🇦🇺 FireGuard Server	2026-05-30 17:15:06 (4 days ago)	Blocked by OPNsense firewall; 3 hits, proto=tcp, ports=443	Port Scan Hacking
🇵🇱 bmino.pl	2026-05-30 17:14:30 (4 days ago)	Autoban IP(2): 147.93.168.136 - Hostname: Contabo GmbH - City: Paris - Region: Île-de-France - Count ... show more Autoban IP(2): 147.93.168.136 - Hostname: Contabo GmbH - City: Paris - Region: Île-de-France - Country: France - Location: 48.8566,2.35222 - Organization: Contabo GmbH - failed attempts. show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-30 16:49:24 (4 days ago)	147.93.168.136 - - [30/May/2026:19:49:23 +0300] "GET /wp-admin/ HTTP/1.1" 404 3346 "-" "Mozilla/5.0 ... show more 147.93.168.136 - - [30/May/2026:19:49:23 +0300] "GET /wp-admin/ HTTP/1.1" 404 3346 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" 147.93.168.136 - - [30/May/2026:19:49:23 +0300] "GET /wp-login.php HTTP/1.1" 404 3346 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" ... show less	Web App Attack
🇯🇵 S.O.B.A. Dev.	2026-05-30 15:18:07 (4 days ago)	Web vulnerability scanning	Brute-Force Web Spam Web App Attack
🇨🇭 4server	2026-05-30 15:16:25 (4 days ago)	[SatMay3017:16:20.3264372026][security2:error][pid3075840:tid3076718][client147.93.168.136:0]ModSecu ... show more [SatMay3017:16:20.3264372026][security2:error][pid3075840:tid3076718][client147.93.168.136:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"4spv.ch\"][uri\"/xmlrpc.php\"][unique_id\"ahr_RBtOYHjgHeuG-4rtDAAAAM8\"] show less	Hacking Web App Attack

Showing 106 to 120 of 166 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.18.139.237

🇸🇬 165.22.52.238

🇺🇸 154.16.147.251

🇨🇳 119.96.173.169

🇨🇳 110.53.234.5

🇳🇱 212.30.37.21

🇺🇸 98.159.37.124

🇷🇴 80.94.92.164

🇩🇪 78.47.4.5

🇺🇸 47.251.101.235

🇬🇦 41.158.254.55

🇩🇪 36.255.97.48

🇳🇱 31.56.209.210

🇺🇸 13.56.241.239

🇺🇸 4.246.135.192

🇨🇳 124.227.31.105

🇺🇸 70.40.220.123

🇰🇷 220.126.236.88

🇺🇸 216.172.190.116

🇺🇸 205.210.31.108