JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.253.209.118

192.253.209.118 was found in our database!

This IP was reported 123 times. Confidence of Abuse is 33%: ?

33%

ISP	VPN Consumer New Jersey, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Jersey City, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.253.209.118

Whois 192.253.209.118

IP Abuse Reports for 192.253.209.118:

This IP address has been reported a total of 123 times from 58 distinct sources. 192.253.209.118 was first reported on February 16th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nyt	2026-06-07 03:17:38 (5 days ago)	WP login POST blocked by WAF, Bare UA + POST, WP Author Enumeration, WP User Enumeration	Brute-Force Web App Attack
🇫🇷 digital-plus-experience.com	2026-06-02 04:18:52 (1 week ago)	Probe for vulnerabilities. Path attempted: /wp-login.php	Web App Attack
🇫🇷 Baking333	2026-05-30 17:10:41 (1 week ago)	[redacted] 192.253.209.118 - - [30/May/2026:18:10:39 +0100] "GET /[redacted] HTTP/1.1" 302 5283 0/13 ... show more [redacted] 192.253.209.118 - - [30/May/2026:18:10:39 +0100] "GET /[redacted] HTTP/1.1" 302 5283 0/137241 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; rv:143.0) Gecko/20100101 Firefox/143.0" [redacted] 192.253.209.118 - - [30/May/2026:18:10:39 +0100] "GET /wp-admin/ HTTP/1.1" 301 612 0/437 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 Version/17.0 Safari/605.1.15" show less	Bad Web Bot Web App Attack
🇺🇸 nyt	2026-04-29 13:24:35 (1 month ago)	Brute-Force, Web App Attack, suspicious: WP login POST blocked by WAF, Bare UA + POST	Brute-Force Web App Attack
🇺🇸 interbiznw.com	2026-04-25 20:16:44 (1 month ago)	wordpress-bruteforce	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 nyt	2026-04-24 22:00:13 (1 month ago)	Brute-Force, Web App Attack, suspicious: WP login POST blocked by WAF, Bare UA + POST	Brute-Force Web App Attack
🇺🇸 nyt	2026-04-22 20:53:05 (1 month ago)	Brute-Force, Web App Attack, suspicious: WP login POST blocked by WAF, Bare UA + POST	Brute-Force Web App Attack
🇫🇷 Yepngo	2026-04-22 15:02:28 (1 month ago)	192.253.209.118 - - [22/Apr/2026:17:02:28 +0200] "POST /wp-login.php HTTP/2.0" 200 12081 "-" "Mozill ... show more 192.253.209.118 - - [22/Apr/2026:17:02:28 +0200] "POST /wp-login.php HTTP/2.0" 200 12081 "-" "Mozilla/5.0" ... show less	Brute-Force Web App Attack
🇫🇷 Yepngo	2026-04-22 08:09:12 (1 month ago)	192.253.209.118 - - [22/Apr/2026:10:09:12 +0200] "POST /wp-login.php HTTP/2.0" 200 12078 "-" "Mozill ... show more 192.253.209.118 - - [22/Apr/2026:10:09:12 +0200] "POST /wp-login.php HTTP/2.0" 200 12078 "-" "Mozilla/5.0" ... show less	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-04-22 02:55:07 (1 month ago)	Excessive multi-domain requests	Brute-Force
🇫🇷 Yepngo	2026-04-22 02:26:29 (1 month ago)	192.253.209.118 - - [22/Apr/2026:04:09:27 +0200] "POST /wp-login.php HTTP/2.0" 200 12076 "-" "Mozill ... show more 192.253.209.118 - - [22/Apr/2026:04:09:27 +0200] "POST /wp-login.php HTTP/2.0" 200 12076 "-" "Mozilla/5.0" 192.253.209.118 - - [22/Apr/2026:04:26:28 +0200] "POST /wp-login.php HTTP/2.0" 200 12078 "-" "Mozilla/5.0" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-21 18:00:55 (1 month ago)	(mod_security) mod_security (id:210801) triggered by 192.253.209.118 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210801) triggered by 192.253.209.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 21 14:00:49.510473 2026] [security2:error] [pid 9800:tid 9800] [client 192.253.209.118:52131] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sqlmap" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|castagnino.com\|F\|2"] [data "sqlmap/1.10.1.55#dev (https://sqlmap.org)"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "castagnino.com"] [uri "/"] [unique_id "aee7Ubs7FFAVuXjPnSZ1AAAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2026-04-20 16:35:14 (1 month ago)	tcp/80; Configuration file access attempt: "GET /credentials/config.json" @ 2026-04-20T16:28:04Z [az ... show more tcp/80; Configuration file access attempt: "GET /credentials/config.json" @ 2026-04-20T16:28:04Z [azure] show less	Web App Attack
🇫🇷 dynamix	2026-04-20 14:48:27 (1 month ago)	Multiple WAF Violations	Web App Attack
🇳🇱 Site.eu	2026-04-20 11:33:59 (1 month ago)	Excessive multi-domain requests	Brute-Force

Showing 1 to 15 of 123 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 157.48.88.27

🇨🇳 114.132.231.42

🇻🇳 103.118.28.17

🇱🇹 45.227.254.170

🇳🇱 45.148.10.156

🇬🇧 35.203.211.215

🇮🇪 34.251.176.191

🇺🇸 34.58.124.191

🇿🇦 15.240.113.64

🇩🇪 213.209.159.56

🇬🇧 209.97.183.43

🇮🇳 203.194.105.205

🇺🇸 195.184.76.180

🇩🇪 135.125.152.18

🇮🇳 117.203.104.74

🇨🇳 116.179.37.232

🇨🇦 104.207.60.246

🇫🇷 91.231.89.252

🇷🇺 45.132.18.40

🇬🇧 204.217.245.177