JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.201.136.102

185.201.136.102 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 25%: ?

25%

ISP	NETLABS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	netlabs.com.ua
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.201.136.102

Whois 185.201.136.102

IP Abuse Reports for 185.201.136.102:

This IP address has been reported a total of 11 times from 6 distinct sources. 185.201.136.102 was first reported on April 14th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 stinpriza	2026-06-24 23:09:29 (1 day ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 21:45:08 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 17:45:02.401369 2026] [security2:error] [pid 28412:tid 28412] [client 185.201.136.102:54379] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|carra.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "carra.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajms3j9wvGh1fy3ORGhT6QAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 18:54:02 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 14:53:56.348468 2026] [security2:error] [pid 9814:tid 9814] [client 185.201.136.102:22655] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|birdlovers.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "birdlovers.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajbhxGGdmVNMqZkypGmzqAAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-05-21 15:55:24 (1 month ago)	Fail2Ban banned 185.201.136.102 for security violations in jail wp-armour. Log: 2026/05/21 15:55:24 ... show more Fail2Ban banned 185.201.136.102 for security violations in jail wp-armour. Log: 2026/05/21 15:55:24 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 185.201.136.102 \| Target: wplogin" , client: 185.201.136.102, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇫🇷 tilellit.pro	2026-05-17 06:27:52 (1 month ago)	Fail2Ban banned 185.201.136.102 for security violations in jail wp-armour. Log: 2026/05/17 06:27:52 ... show more Fail2Ban banned 185.201.136.102 for security violations in jail wp-armour. Log: 2026/05/17 06:27:52 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 185.201.136.102 \| Target: wplogin" , client: 185.201.136.102, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-05-07 03:21:35 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 23:21:30.029631 2026] [security2:error] [pid 32405:tid 32405] [client 185.201.136.102:37547] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|opennatura.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "opennatura.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afwFOnLjQna7aLU15Y1zBgAAABs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-05-01 14:21:00 (1 month ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 entangled_mongoose	2026-04-30 19:01:48 (1 month ago)	Probed /wp-login.php.	Web App Attack
🇺🇸 TPI-Abuse	2026-04-30 18:42:27 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 14:42:21.064751 2026] [security2:error] [pid 17352:tid 17404] [client 185.201.136.102:45635] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|frmoto.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "frmoto.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afOijYCZWrVoMr1i3mKANwAAAZc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-04-27 02:43:38 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 00:26:18 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.201.136.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 13 20:26:10.844241 2026] [security2:error] [pid 170258:tid 170258] [client 185.201.136.102:9411] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mathgen.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mathgen.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ad2JooadP358VDuYTvgAsAAAABo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.242

🇪🇸 90.162.116.66

🇺🇸 69.133.27.137

🇧🇷 190.115.84.25

🇧🇷 177.89.18.235

🇨🇳 171.113.163.245

🇲🇽 148.222.11.43

🇲🇦 102.52.144.254

🇨🇦 85.217.149.15

🇩🇪 69.5.169.51

🇺🇸 50.31.205.10

🇺🇸 34.148.156.74

🇺🇸 24.96.129.53

🇨🇳 221.235.197.248

🇩🇪 167.94.145.19

🇸🇬 157.230.42.17

🇨🇳 124.174.17.2

🇮🇩 118.99.114.224

🇺🇸 103.143.239.193

🇳🇱 45.154.98.112