JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 149.34.210.140

149.34.210.140 was found in our database!

This IP was reported 414 times. Confidence of Abuse is 100%: ?

100%

ISP	GIBIRNET ILETISIM HIZMETLERI SANAYI VE TICARET LIMITED SIRKETI
Usage Type	Fixed Line ISP
ASN	AS208972
Hostname(s)	undefined.hostname.localhost
Domain Name	gibir.net.tr
Country	🇹🇷 Turkey
City	Istanbul, Istanbul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 149.34.210.140

Whois 149.34.210.140

IP Abuse Reports for 149.34.210.140:

This IP address has been reported a total of 414 times from 148 distinct sources. 149.34.210.140 was first reported on March 1st 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 rh24	2026-04-24 17:06:20 (1 month ago)	(xmlrpc_405) XMLRPC-Bot 405 149.34.210.140 (TR/Türkiye/undefined.hostname.localhost)	Hacking
🇫🇷 applemooz	2026-04-14 19:15:08 (1 month ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
Anonymous	2026-04-14 07:26:52 (1 month ago)	149.34.210.140 - - [14/Apr/2026:09:26:31 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "WordPress.c ... show more 149.34.210.140 - - [14/Apr/2026:09:26:31 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "WordPress.com; https://wordpress.com" 149.34.210.140 - - [14/Apr/2026:09:26:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com" 149.34.210.140 - - [14/Apr/2026:09:26:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com" 149.34.210.140 - - [14/Apr/2026:09:26:40 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "WordPress.com; https://wordpress.com" 149.34.210.140 - - [14/Apr/2026:09:26:51 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by WordPress.com" ... show less	Brute-Force Web App Attack
Anonymous	2026-04-14 03:29:17 (1 month ago)		Bad Web Bot Web App Attack
🇩🇪 abdubhai	2026-04-14 03:07:43 (1 month ago)	149.34.210.140 - - [14/Apr/2026: ...	Brute-Force
🇩🇪 dbmwebdesign	2026-04-14 01:25:05 (1 month ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇨🇦 Dunham Support	2026-04-12 15:08:06 (1 month ago)	(wordpress) Failed wordpress login from 149.34.210.140 (TR/Türkiye/undefined.hostname.localhost)	Brute-Force
🇲🇾 Rizzy	2026-04-12 05:04:09 (1 month ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-04-12 00:55:54 (1 month ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇪🇸 Gem	2026-04-10 22:10:23 (1 month ago)	Unauthorized web scan.	Web App Attack
🇩🇪 4server	2026-04-09 02:37:18 (1 month ago)	[ThuApr0904:37:16.3686462026][security2:error][pid2970299:tid2970415][client149.34.210.140:0]ModSecu ... show more [ThuApr0904:37:16.3686462026][security2:error][pid2970299:tid2970415][client149.34.210.140:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"112\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"artisteer-italia.org\"][uri\"/xmlrpc.php\"][unique_id\"adcQ3HWDy5XidOiKk8pSoAAAAFc\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 Baking333	2026-04-08 06:08:02 (1 month ago)	[redacted] 149.34.210.140 - - [08/Apr/2026:07:06:11 +0100] "POST /[redacted] HTTP/1.1" 405 4876 0/60 ... show more [redacted] 149.34.210.140 - - [08/Apr/2026:07:06:11 +0100] "POST /[redacted] HTTP/1.1" 405 4876 0/60579 "-" "[redacted]; https://[redacted]" [redacted] 149.34.210.140 - - [08/Apr/2026:07:08:00 +0100] "POST /[redacted] HTTP/1.1" 405 4876 0/114749 "-" "Jetpack by [redacted] (Jetpack 12.1; WordPress 6.3)" show less	Bad Web Bot Web App Attack
🇫🇮 6kilowatti	2026-04-07 16:52:51 (1 month ago)	149.34.210.140 - - [07/Apr/2026:19:52:51 +0300] "POST /xmlrpc.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 ... show more 149.34.210.140 - - [07/Apr/2026:19:52:51 +0300] "POST /xmlrpc.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.0.0 Safari/537.36" 149.34.210.140 - [07/Apr/2026:19:52:51 +0300] "POST /xmlrpc.php HTTP/1.1" 404 2048 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.0.0 Safari/537.36" ... show less	Web App Attack
🇨🇭 4server	2026-04-07 05:34:22 (1 month ago)	[TueApr0707:34:18.1652592026][security2:error][pid3404550:tid3404842][client149.34.210.140:0]ModSecu ... show more [TueApr0707:34:18.1652592026][security2:error][pid3404550:tid3404842][client149.34.210.140:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"200\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"4-server.com\"][uri\"/xmlrpc.php\"][unique_id\"adSXWsQlQNCZJhLr6sYb3AAAAAE\"] show less	Hacking Web App Attack
🇺🇸 myagent.site	2026-04-07 02:09:24 (1 month ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking

Showing 166 to 180 of 414 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 173.239.218.239

🇲🇷 41.188.117.213

🇧🇪 34.52.166.216

🇭🇰 8.218.142.110

🇬🇧 185.195.13.179

🇺🇸 162.216.150.185

🇺🇸 147.185.132.28

🇺🇸 147.182.202.179

🇮🇳 139.59.4.137

🇵🇰 103.26.82.194

🇺🇸 98.159.37.200

🇫🇷 92.205.57.72

🇺🇸 64.62.197.145

🇳🇱 45.148.10.121

🇸🇦 37.217.240.209

🇺🇸 24.255.18.131

🇨🇳 210.16.168.11

🇮🇶 185.24.61.211

🇬🇧 172.236.12.47

🇺🇸 162.216.150.110