JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 168.119.248.117

168.119.248.117 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 100%: ?

100%

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.117.248.119.168.clients.your-server.de
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Falkenstein, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 168.119.248.117

Whois 168.119.248.117

IP Abuse Reports for 168.119.248.117:

This IP address has been reported a total of 41 times from 19 distinct sources. 168.119.248.117 was first reported on June 28th 2026, and the most recent report was 43 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-28 21:10:58 (43 minutes ago)	(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ... show more (mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:10:53.837862 2026] [security2:error] [pid 30702:tid 30702] [client 168.119.248.117:54142] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|snowrideadventures.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "snowrideadventures.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akGN3cuXx90WRU9vYpoaMgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 omc	2026-06-28 20:45:53 (1 hour ago)	Banned IP [QC]. GET /wordpress/xmlrpc.php [Q4].	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-28 20:34:43 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ... show more (mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:34:38.755890 2026] [security2:error] [pid 21100:tid 21100] [client 168.119.248.117:49974] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|puckerbikinis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "puckerbikinis.com"] [uri "/wp-json/wp/v2/users/7"] [unique_id "akGFXqZuCkl6hRbiX3L4aQAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 19:55:10 (1 hour ago)	(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ... show more (mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 15:55:03.499899 2026] [security2:error] [pid 1388:tid 1472] [client 168.119.248.117:48654] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|maroontribe.philacentric.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "maroontribe.philacentric.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akF8F29G7YPEwoIDSiENHgAAAE8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 17:59:38 (3 hours ago)	(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ... show more (mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 13:59:34.762924 2026] [security2:error] [pid 4388:tid 4388] [client 168.119.248.117:60578] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|adona.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "adona.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akFhBlOe8E6gvmpMHx9A1AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 paulshipley.com.au	2026-06-28 17:44:42 (4 hours ago)	stkildashule.org.au:443 168.119.248.117 - - [29/Jun/2026:03:44:40 +1000] "GET /?author=5&feed=rss2 H ... show more stkildashule.org.au:443 168.119.248.117 - - [29/Jun/2026:03:44:40 +1000] "GET /?author=5&feed=rss2 HTTP/1.1" 404 48890 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Web App Attack
🇫🇷 ELYAZ	2026-06-28 17:40:25 (4 hours ago)	(y3) Failed access -byebye- from 168.119.248.117 (DE/Germany/static.117.248.119.168.clients.your-ser ... show more (y3) Failed access -byebye- from 168.119.248.117 (DE/Germany/static.117.248.119.168.clients.your-server.de): (CF_ENABLE) show less	Hacking
🇺🇸 ambor	2026-06-28 17:02:46 (4 hours ago)	Honeypot triggered: /wp-json/wp/v2/users on ifebridge.com. User-Agent: Mozilla/5.0 (Windows NT 10.0; ... show more Honeypot triggered: /wp-json/wp/v2/users on ifebridge.com. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36. Method: GET show less	Web App Attack
🇩🇪 neckaralb-admin.de	2026-06-28 16:48:06 (5 hours ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 16:30:32 (5 hours ago)	(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ... show more (mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 12:30:14.104970 2026] [security2:error] [pid 28866:tid 28866] [client 168.119.248.117:57626] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ussthresher.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ussthresher.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akFMFdnh_LqXtU18FYhlRwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-28 15:28:30 (6 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇦🇺 paulshipley.com.au	2026-06-28 15:13:59 (6 hours ago)	balcomberetreat.com.au:443 168.119.248.117 - - [29/Jun/2026:01:13:57 +1000] "GET /?author=4 HTTP/1.1 ... show more balcomberetreat.com.au:443 168.119.248.117 - - [29/Jun/2026:01:13:57 +1000] "GET /?author=4 HTTP/1.1" 404 3803 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 15:13:38 (6 hours ago)	(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ... show more (mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 11:13:31.544175 2026] [security2:error] [pid 29276:tid 29276] [client 168.119.248.117:43850] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gegkal.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gegkal.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akE6GwW3MypzH1p_xnRJbQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 filstal.org	2026-06-28 15:06:17 (6 hours ago)	WordPress login brute-force detected.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 14:47:07 (7 hours ago)	(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ... show more (mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 10:46:59.373342 2026] [security2:error] [pid 16071:tid 16071] [client 168.119.248.117:36306] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tcit.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tcit.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akEz438qrgKUfkB_oZYiRAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.73

🇺🇸 194.187.179.91

🇮🇩 182.253.156.184

🇰🇷 112.219.151.50

🇺🇸 45.132.115.72

🇹🇼 198.235.24.42

🇸🇬 118.194.235.16

🇨🇳 113.247.117.226

🇯🇵 111.238.174.6

🇳🇱 94.102.49.193

🇧🇷 45.229.91.34

🇺🇸 45.156.129.128

🇳🇱 45.148.10.157

🇳🇱 176.65.139.114

🇩🇪 172.121.87.109

🇲🇾 165.154.149.32

🇩🇪 148.251.47.87

🇫🇷 85.217.140.23

🇺🇸 71.6.135.131

🇸🇬 45.78.207.244