JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.198.243.234

185.198.243.234 was found in our database!

This IP was reported 71 times. Confidence of Abuse is 20%: ?

20%

ISP	VPN Consumer London, United Kingdom
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	vpnconsumer.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.198.243.234

Whois 185.198.243.234

IP Abuse Reports for 185.198.243.234:

This IP address has been reported a total of 71 times from 39 distinct sources. 185.198.243.234 was first reported on March 7th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Octopuce	2026-06-09 19:48:27 (1 week ago)	Aggressive web search of vulnerable pages: /wp-includes/fonts/themes.php /wp-content/themes/twentytw ... show more Aggressive web search of vulnerable pages: /wp-includes/fonts/themes.php /wp-content/themes/twentytwentytwo/assets/fonts/index.php /wp-includes ... show less	Web App Attack
🇬🇧 consul.to	2026-06-09 10:53:00 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇮🇹 VHosting	2026-06-09 10:30:03 (1 week ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇿 Antinson	2026-03-19 00:10:55 (3 months ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇺🇸 mnsf	2026-03-07 12:05:23 (3 months ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇺🇸 Penny Packer	2026-02-04 06:01:14 (4 months ago)	Fail2Ban apache-tripwires	Web App Attack
Anonymous	2025-12-17 01:14:42 (6 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-11-17 13:45:56 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 17 08:45:50.944174 2025] [security2:error] [pid 24462:tid 24462] [client 185.198.243.234:20901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ccamp.dev"] [uri "/sftp-config.json"] [unique_id "aRsnDnc5iJvOvXhEoqpJNgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2025-09-01 04:06:22 (9 months ago)	Wordpress malicious attack:[octawpauthor]	Web App Attack
🇩🇪 ger-stg-sifi1	2025-08-31 18:43:56 (9 months ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2025-08-31 18:43:15 (9 months ago)	(mod_security) mod_security (id:240335) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 14:43:09.415009 2025] [security2:error] [pid 30126:tid 30126] [client 185.198.243.234:50179] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 185.198.243.234 (+1 hits since last alert)\|mirai-labo.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mirai-labo.com"] [uri "/develop/xmlrpc.php"] [unique_id "aLSXvX0rwUp47HLqubOiSQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 maxxsense	2025-08-31 17:18:58 (9 months ago)	(wordpress) Failed wordpress login from 185.198.243.234 (GB/United Kingdom/-)	Brute-Force
🇺🇸 TPI-Abuse	2025-08-31 11:09:55 (9 months ago)	(mod_security) mod_security (id:240335) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 07:09:51.622086 2025] [security2:error] [pid 3160:tid 3160] [client 185.198.243.234:36505] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 185.198.243.234 (+1 hits since last alert)\|www.farsipraiseclub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.farsipraiseclub.com"] [uri "/xmlrpc.php"] [unique_id "aLQtf6fjohMiI9nGlcXRmgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-31 06:44:54 (9 months ago)	(mod_security) mod_security (id:240335) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 02:44:49.380574 2025] [security2:error] [pid 28211:tid 28211] [client 185.198.243.234:60085] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 185.198.243.234 (+1 hits since last alert)\|wurkroom.biz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wurkroom.biz"] [uri "/xmlrpc.php"] [unique_id "aLPvYac_lsjG9FnldNKV9wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-30 19:03:06 (9 months ago)	(mod_security) mod_security (id:225170) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.198.243.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 30 15:02:32.151242 2025] [security2:error] [pid 2649:tid 2649] [client 185.198.243.234:39215] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.mavikalem.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mavikalem.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aLNKyKYXi1qqxUWiYhgWTQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 71 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:2:d1:0:1:51ea:4001

🇳🇱 176.65.139.204

🇰🇷 114.203.87.250

🇮🇩 117.102.86.226

🇰🇷 112.185.241.65

🇩🇪 69.5.169.51

🇳🇱 45.148.10.200

🇺🇸 2600:3c01::2000:19ff:fe2d:8329

🇧🇷 187.93.68.178

🇵🇹 85.246.139.9

🇺🇸 34.134.173.112

🇨🇦 20.151.112.161

🇮🇳 2401:4900:8837:8e4f:7dc3:bfb6:f64f:fbdc

🇺🇸 192.241.141.178

🇩🇪 167.94.146.71

🇫🇷 167.86.119.81

🇺🇸 136.36.189.65

🇫🇮 65.21.109.140

🇩🇪 45.135.141.17

🇺🇸 34.122.150.192