JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.198.240.3

185.198.240.3 was found in our database!

This IP was reported 190 times. Confidence of Abuse is 59%: ?

59%

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Trenton, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.198.240.3

Whois 185.198.240.3

IP Abuse Reports for 185.198.240.3:

This IP address has been reported a total of 190 times from 100 distinct sources. 185.198.240.3 was first reported on July 1st 2023, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-14 23:15:16 (10 hours ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-14 17:40:41 (16 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇫🇷 dynamix	2026-06-14 09:03:50 (1 day ago)	Multiple WAF Violations	Web App Attack
🇵🇱 sefinek.net	2026-06-11 07:46:53 (4 days ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /wp-login.php \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; rv:143.0) Gecko/20100101 Firefox/143.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 conseilgouz	2026-06-10 14:49:08 (4 days ago)	coe-6 : Trying access system files=>/wp-login.php(wp-login.php)	Hacking
Anonymous	2026-05-26 05:19:28 (2 weeks ago)	Web attack blocked by Wordfence on 1valkenburg.nl (1 hit). Reported by CRMON.	Web App Attack
🇫🇷 Octopuce	2026-05-21 19:52:29 (3 weeks ago)	Aggressive web search of vulnerable pages: /wp-login.php /wp-includes/rest-api/index.php /.well-know ... show more Aggressive web search of vulnerable pages: /wp-login.php /wp-includes/rest-api/index.php /.well-known/about.php /.well-known/wincust.php /wp-ad ... show less	Web App Attack
Anonymous	2026-05-21 01:46:29 (3 weeks ago)	Failed Wordpress Logins	Web App Attack
🇩🇪 iNetWorker	2026-05-19 22:53:50 (3 weeks ago)	trolling for resource vulnerabilities	Web App Attack
🇫🇷 Thaliruth	2026-05-19 20:31:33 (3 weeks ago)	185.198.240.3 - - [19/May/2026:22:31:32 +0200] "GET /wp-includes/css/buttons.css HTTP/1.0" 404 3743 ... show more 185.198.240.3 - - [19/May/2026:22:31:32 +0200] "GET /wp-includes/css/buttons.css HTTP/1.0" 404 3743 "http://dwuletzki.de/wp-includes/css/buttons.css" "Go-http-client/2.0" ... show less	Brute-Force Web App Attack
🇫🇷 Kimax	2026-05-19 12:24:13 (3 weeks ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 TPI-Abuse	2026-05-18 08:52:17 (4 weeks ago)	(mod_security) mod_security (id:240000) triggered by 185.198.240.3 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 185.198.240.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 04:52:12.043216 2026] [security2:error] [pid 14487:tid 14678] [client 185.198.240.3:26075] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|montanatribes.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "montanatribes.org"] [uri "/images/stories/themes.php"] [unique_id "agrTPH7i0hxutRxzYXYrdAAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Kenshin869	2026-05-15 00:51:54 (1 month ago)	Wordpress unauthorized access attempt	Brute-Force
🇨🇭 backslash	2026-05-13 14:03:00 (1 month ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇫🇷 dynamix	2026-05-06 05:27:02 (1 month ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack

Showing 1 to 15 of 190 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 194.5.82.35

🇲🇽 189.217.107.63

🇹🇷 185.200.37.231

🇩🇪 172.71.148.144

🇬🇧 138.68.153.47

🇮🇳 103.162.224.122

🇱🇹 81.30.98.62

🇱🇹 81.30.98.44

🇬🇧 81.19.219.196

🇺🇸 54.227.112.172

🇳🇱 45.148.10.200

🇭🇰 45.142.154.16

🇬🇧 45.67.198.62

🇭🇰 43.155.0.196

🇰🇷 34.64.168.161

🇦🇺 34.40.165.90

🇺🇸 18.222.106.88

🇯🇵 8.209.209.96

🇮🇩 2001:448a:2095:4b7:d111:db3f:273e:eb6d

🇺🇾 167.57.38.81