JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.34.210.136

149.34.210.136 was found in our database!

This IP was reported 199 times. Confidence of Abuse is 100%: ?

100%

ISP	GIBIRNET ILETISIM HIZMETLERI SANAYI VE TICARET LIMITED SIRKETI
Usage Type	Fixed Line ISP
ASN	AS208972
Hostname(s)	undefined.hostname.localhost
Domain Name	gibir.net.tr
Country	🇹🇷 Turkey
City	Istanbul, Istanbul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.34.210.136

Whois 149.34.210.136

IP Abuse Reports for 149.34.210.136:

This IP address has been reported a total of 199 times from 77 distinct sources. 149.34.210.136 was first reported on February 27th 2026, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-03-17 15:07:34 (2 months ago)	(wordpress) Failed wordpress login from 149.34.210.136 (TR/Türkiye/-/-/undefined.hostname.localhost/ ... show more (wordpress) Failed wordpress login from 149.34.210.136 (TR/Türkiye/-/-/undefined.hostname.localhost/[redacted]): (CF_ENABLE) show less	Brute-Force
🇩🇪 big-cloud.nl	2026-03-17 09:17:20 (2 months ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-03-17 00:22:55 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): ... show more (mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 16 20:22:48.596037 2026] [security2:error] [pid 17647:tid 17647] [client 149.34.210.136:56382] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rentkase.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rentkase.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abie2NEWZ4aUjbYcKvyGIwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-16 23:58:11 (2 months ago)	149.34.210.136 - - [17/Mar/2026:00:58:11 +0100] "POST / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows ... show more 149.34.210.136 - - [17/Mar/2026:00:58:11 +0100] "POST / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 6.3; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/80.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-03-16 20:30:03 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): ... show more (mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 16 16:29:56.587147 2026] [security2:error] [pid 11417:tid 11417] [client 149.34.210.136:59647] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|famagustacyprus.eu\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "famagustacyprus.eu"] [uri "/wp-json/wp/v2/users"] [unique_id "abhoRDSJegrQ-A9vuflQ6gAAAD8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-16 18:50:04 (2 months ago)	Bot / scanning and/or hacking attempts: GET /xmlrpc.php HTTP/1.1, POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇦🇺 screwlooseit.com.au	2026-03-16 18:10:16 (2 months ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/undefined.hostname.localhost	Web App Attack
🇺🇸 lostswordfish.com	2026-03-16 15:48:03 (2 months ago)	Wordfence waf block on parsol	Web App Attack
🇺🇸 TPI-Abuse	2026-03-16 10:22:45 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): ... show more (mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 16 06:22:39.740482 2026] [security2:error] [pid 5596:tid 5596] [client 149.34.210.136:59697] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|aquanauticsige.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aquanauticsige.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abfZ73MBFI_94pjzG3o6gAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-03-16 00:53:08 (2 months ago)	(wordpress) Failed wordpress login from 149.34.210.136 (TR/Türkiye/-/-/undefined.hostname.localhost/ ... show more (wordpress) Failed wordpress login from 149.34.210.136 (TR/Türkiye/-/-/undefined.hostname.localhost/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-03-15 14:19:16 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): ... show more (mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 15 10:19:12.454306 2026] [security2:error] [pid 6728:tid 6728] [client 149.34.210.136:58443] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|magnoliahillproductions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "magnoliahillproductions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aba_4LJpXTlpczmQ1lvShQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-15 12:54:04 (2 months ago)	(wordpress) Failed wordpress login from 149.34.210.136 (TR/Türkiye/undefined.hostname.localhost)	Brute-Force
🇩🇪 LRob.fr	2026-03-15 12:30:08 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-03-14 13:50:43 (2 months ago)	Fail2ban filtered ...	Web App Attack
🇺🇸 TPI-Abuse	2026-03-14 04:19:23 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): ... show more (mod_security) mod_security (id:225170) triggered by 149.34.210.136 (undefined.hostname.localhost): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 00:19:18.590478 2026] [security2:error] [pid 27920:tid 27920] [client 149.34.210.136:59602] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rimaine.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rimaine.org"] [uri "/wp-json/wp/v2/users"] [unique_id "abThxld0v72cSaLUua81JQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 166 to 180 of 199 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 179.184.242.48

🇺🇸 174.105.15.219

🇺🇸 147.185.132.69

🇮🇩 103.15.226.202

🇺🇸 66.132.186.247

🇺🇸 65.49.1.152

🇩🇪 47.245.143.238

🇬🇧 35.203.210.22

🇨🇳 221.13.93.100

🇨🇴 181.48.97.163

🇬🇧 172.236.3.94

🇩🇪 164.92.238.219

🇺🇸 162.216.150.119

🇺🇸 162.216.149.92

🇺🇸 147.185.132.67

🇺🇸 147.185.132.62

🇩🇪 142.93.105.218

🇩🇪 134.122.91.98

🇩🇪 134.122.82.176

🇨🇳 123.178.210.134