JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 157.230.141.217

157.230.141.217 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 64%: ?

64%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇺🇸 United States of America
City	Santa Clara, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 157.230.141.217

Whois 157.230.141.217

IP Abuse Reports for 157.230.141.217:

This IP address has been reported a total of 23 times from 18 distinct sources. 157.230.141.217 was first reported on June 7th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 strefapi_com	2026-06-08 05:22:17 (2 weeks ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
Anonymous	2026-06-08 04:45:14 (2 weeks ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇬🇧 myintarweb	2026-06-08 04:22:18 (2 weeks ago)	157.230.141.217 - - [08/Jun/2026:05:22:17 +0100] 443 "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 ... show more 157.230.141.217 - - [08/Jun/2026:05:22:17 +0100] 443 "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 1579 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 04:10:42 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.230.141.217 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 157.230.141.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:10:37.409073 2026] [security2:error] [pid 22561:tid 22561] [client 157.230.141.217:49187] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|parasolia.angelabcomics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "parasolia.angelabcomics.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiZAvV546qpWkFWndBJxlgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2026-06-08 03:29:02 (2 weeks ago)	WP-xmlrpc exploit	Web Spam Blog Spam Hacking Exploited Host Web App Attack
🇫🇷 ✨	2026-06-08 02:46:09 (2 weeks ago)	Rule : WEB 2026-06-08 02:44:16 157.230.141.217 56604 148.72.166.128 443 - - - - - 400 - BadRequest - ... show more Rule : WEB 2026-06-08 02:44:16 157.230.141.217 56604 148.72.166.128 443 - - - - - 400 - BadRequest - TCP show less	Port Scan
🇩🇪 Lino Project	2026-06-08 01:20:35 (2 weeks ago)	157.230.141.217 - - [08/Jun/2026:03:20:32 +0200] "GET //xmlrpc.php?rsd HTTP/1.1" 403 428 "-" "Mozill ... show more 157.230.141.217 - - [08/Jun/2026:03:20:32 +0200] "GET //xmlrpc.php?rsd HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 1gz	2026-06-08 00:40:00 (2 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: CHALLENGE Protocol: HTTP/1.1 (GET m ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: //test/wp-includes/wlwmanifest.xml UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇱 Site.eu	2026-06-08 00:35:30 (2 weeks ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇳🇿 Antinson	2026-06-08 00:24:56 (2 weeks ago)	High error rate and elevated request volume targeting cPanel servers	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-08 00:24:01 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.230.141.217 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 157.230.141.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:23:57.662001 2026] [security2:error] [pid 29201:tid 29201] [client 157.230.141.217:54500] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.orcastrong.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.orcastrong.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aiYLnRGXeXqSQVQDufDHFwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-07 23:20:04 (2 weeks ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇨🇭 Origon	2026-06-07 21:20:35 (2 weeks ago)	http-probing - IP: 157.230.141.217 - time="2026-06-07T23:20:34+02:00" level=info msg="(555f66b4f6a7 ... show more http-probing - IP: 157.230.141.217 - time="2026-06-07T23:20:34+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 157.230.141.217 (US/14061) : 4h ban on Ip 157.230.141.217" module=db show less	Web App Attack
🇳🇱 oisecnet	2026-06-07 21:01:48 (2 weeks ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-06-07. 2446 requests from thi ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-06-07. 2446 requests from this IP. show less	Brute-Force Web App Attack SSH
🇺🇸 TPI-Abuse	2026-06-07 20:50:39 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 157.230.141.217 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 157.230.141.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:50:34.836662 2026] [security2:error] [pid 24804:tid 24804] [client 157.230.141.217:59356] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|oldsite.soudertonbigred.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oldsite.soudertonbigred.org"] [uri "/band/wp-json/wp/v2/users/"] [unique_id "aiXZmkJIW4teFnFqY9-DTAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 218.149.228.159

🇺🇸 209.50.172.152

🇨🇴 206.62.136.109

🇦🇺 203.219.208.30

🇩🇪 164.90.178.220

🇬🇧 87.236.176.142

🇳🇱 45.148.10.157

🇨🇳 218.21.250.151

🇧🇴 200.105.141.172

🇧🇬 185.253.160.7

🇺🇸 164.92.73.153

🇭🇰 152.32.214.226

🇺🇸 136.56.34.147

🇧🇳 118.103.253.188

🇩🇪 93.208.33.222

🇲🇦 196.75.11.179

🇺🇸 147.185.132.204

🇰🇷 118.45.101.159

🇷🇺 95.165.159.70

🇳🇱 88.210.63.69