JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.30.138.133

85.30.138.133 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 67%: ?

67%

ISP	Teleservice Bredband Skane AB
Usage Type	Fixed Line ISP
ASN	AS34244
Hostname(s)	host-85-30-138-133.sydskane.nu
Domain Name	teleservice.net
Country	🇸🇪 Sweden
City	Malmo, Skane

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.30.138.133

Whois 85.30.138.133

IP Abuse Reports for 85.30.138.133:

This IP address has been reported a total of 25 times from 12 distinct sources. 85.30.138.133 was first reported on April 1st 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 09:52:06 (7 hours ago)	(mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): ... show more (mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 05:52:01.918591 2026] [security2:error] [pid 760:tid 760] [client 85.30.138.133:59623] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.psychiatryabuse.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.psychiatryabuse.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajJuQQL1c5EQXacqd-nriwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 10:51:22 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): ... show more (mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 06:51:18.699779 2026] [security2:error] [pid 10986:tid 10986] [client 85.30.138.133:51438] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.aandbnaturalfoods.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.aandbnaturalfoods.com"] [uri "/naturally/wp-json/wp/v2/users"] [unique_id "ajEqpoiWqH4MOWEDorzh7AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 07:32:08 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): ... show more (mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 03:32:04.110218 2026] [security2:error] [pid 14628:tid 14628] [client 85.30.138.133:54207] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.cliniquecavalancia.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cliniquecavalancia.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajD79Np1GUTgS5vFD7GOJwAAAH4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 NotCool	2026-06-15 23:06:50 (1 day ago)	[7200] (WPLOGIN,XMLRPC) Login failure/trigger from 85.30.138.133 (SE/Sweden/host-85-30-138-133.sydsk ... show more [7200] (WPLOGIN,XMLRPC) Login failure/trigger from 85.30.138.133 (SE/Sweden/host-85-30-138-133.sydskane.nu): 50 in the last 3600 secs show less	Brute-Force
Anonymous	2026-06-15 18:22:43 (1 day ago)	[ns41.kdns.gr] httpd-suspicious-path: sites=msjacovides.com; logs=/var/log/httpd/domains/msjacovides ... show more [ns41.kdns.gr] httpd-suspicious-path: sites=msjacovides.com; logs=/var/log/httpd/domains/msjacovides.com.log; samples=/wp-json/wp/v2/users \| /?author=1 \| /author/admin/ show less	Hacking Web App Attack
🇮🇱 Dolphi	2026-06-15 14:20:08 (2 days ago)	Excessive POST /xmlrpc.php requests	Brute-Force Web App Attack
🇳🇱 middelkoopcc	2026-06-15 08:20:08 (2 days ago)	2026-06-15 10:19:07 WordPress login error from 85.30.138.133: invalid_username && 2026-06-15 10:19:0 ... show more 2026-06-15 10:19:07 WordPress login error from 85.30.138.133: invalid_username && 2026-06-15 10:19:07 WordPress login error from 85.30.138.133: invalid_username && 2026-06-15 10:19:07 WordPress login error from 85.30.138.133: invalid_username && 64 more within 20 minutes show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-15 02:38:37 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): ... show more (mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:38:32.881589 2026] [security2:error] [pid 9058:tid 9058] [client 85.30.138.133:51111] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.disio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.disio.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai9lqNWs8YV6PmWFAJ6ntAAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 00:36:17 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): ... show more (mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:36:09.392246 2026] [security2:error] [pid 28162:tid 28162] [client 85.30.138.133:65305] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kadinisi.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kadinisi.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ai9I-WwKvWdpESlHLH4qngAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 00:13:03 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): ... show more (mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:12:59.329027 2026] [security2:error] [pid 29807:tid 29807] [client 85.30.138.133:50779] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.cienmalos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cienmalos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai9Di2CmfemFTXXt96CGtQAAAEs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 23:17:26 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): ... show more (mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 19:17:20.459684 2026] [security2:error] [pid 7173:tid 7173] [client 85.30.138.133:53787] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.fltsiminc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fltsiminc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai82gCCkwa1p_1zXByhUaAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 23:11:02 (2 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, GET /?author=2 HTTP/1.1, GET / HT ... show more Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, GET /?author=2 HTTP/1.1, GET / HTTP/1.1, GET /?author=3 HTTP/1.1, GET /?author=1 HTTP/1.1, GET /author/admin/ HTTP/1.1, POST /wp-login.php HTTP/1.1, GET /wp-json/wp/v2/users HTTP/1.1 show less	Hacking Web App Attack
Anonymous	2026-06-14 21:13:01 (2 days ago)	CMS (WordPress or Joomla) brute force attempt.	Brute-Force
🇩🇪 rh24	2026-06-14 14:31:14 (3 days ago)	(wordpress-user-enum) Failed wordpress-user-enum trigger from 85.30.138.133 (SE/Sweden/host-85-30-13 ... show more (wordpress-user-enum) Failed wordpress-user-enum trigger from 85.30.138.133 (SE/Sweden/host-85-30-138-133.sydskane.nu): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 08:31:02 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): ... show more (mod_security) mod_security (id:225170) triggered by 85.30.138.133 (host-85-30-138-133.sydskane.nu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 04:30:56.676199 2026] [security2:error] [pid 15416:tid 15416] [client 85.30.138.133:56701] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.ohiohca.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ohiohca.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai5mwBeR2eUGnyrcvUhP2AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.48.181.192

🇺🇸 99.92.204.98

🇳🇱 91.92.40.29

🇨🇳 58.22.255.28

🇲🇽 200.68.161.186

🇳🇱 178.16.54.237

🇮🇩 163.7.6.41

🇨🇳 59.38.131.149

🇭🇰 45.142.154.103

🇺🇸 44.220.188.95

🇳🇱 204.76.203.81

🇩🇪 194.88.98.110

🇨🇷 186.177.88.42

🇺🇸 165.227.209.27

🇨🇳 119.29.195.53

🇵🇱 213.108.227.87

🇫🇷 212.227.27.47

🇬🇧 193.163.125.172

🇺🇸 192.178.37.26

🇩🇪 162.19.243.145