JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.243.218.230

185.243.218.230 was found in our database!

This IP was reported 244 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Gigahost AS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS56655
Hostname(s)	tor-exit-info.middelstaedt.com
Domain Name	gigahost.no
Country	🇳🇴 Norway
City	Sandefjord, Vestfold

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.243.218.230

Whois 185.243.218.230

IP Abuse Reports for 185.243.218.230:

This IP address has been reported a total of 244 times from 121 distinct sources. 185.243.218.230 was first reported on December 14th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nodepile	2026-06-12 10:34:24 (4 hours ago)	Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/angel-eyes/led-drl-rgbw-boards.htm ... show more Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/angel-eyes/led-drl-rgbw-boards.html ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36') show less	Open Proxy VPN IP
🇵🇱 sefinek.net	2026-06-12 02:03:07 (13 hours ago)	Triggered Cloudflare WAF (firewallCustom) from T1. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from T1. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Mobile Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇩 Burayot	2026-06-10 13:46:14 (2 days ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 185.243.218.230 (NO/Norway/tor-exit ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 185.243.218.230 (NO/Norway/tor-exit-info.middelstaedt.com): 1 in the last 3600 secs show less	Web App Attack
🇨🇿 plzenskypruvodce.cz	2026-06-09 20:52:02 (2 days ago)	2026-06-09T22:51:44.253463+02:00 web wordpress(upzcr.cz)[1561548]: Authentication failure for michel ... show more 2026-06-09T22:51:44.253463+02:00 web wordpress(upzcr.cz)[1561548]: Authentication failure for michela from 185.243.218.230 2026-06-09T22:51:57.563704+02:00 web wordpress(upzcr.cz)[1571871]: Authentication failure for michela from 185.243.218.230 2026-06-09T22:52:01.952249+02:00 web wordpress(upzcr.cz)[1558192]: Authentication failure for michela from 185.243.218.230 ... show less	Brute-Force
🇩🇪 big-cloud.nl	2026-06-09 10:56:41 (3 days ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇫🇮 nNordic	2026-06-09 09:15:56 (3 days ago)	Connection attempt blocked by IDS/IPS from 185.243.218.230/32	Hacking
🇳🇱 Site.eu	2026-06-06 18:12:03 (5 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 SpaceHost-Server	2026-06-06 16:55:48 (5 days ago)	185.243.218.230 - - [06/Jun/2026:18:55:42 +0200] "POST /wp-login.php HTTP/1.1" 200 14533 "https://ma ... show more 185.243.218.230 - - [06/Jun/2026:18:55:42 +0200] "POST /wp-login.php HTTP/1.1" 200 14533 "https://marienschule-schwagstorf.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 185.243.218.230 - - [06/Jun/2026:18:55:44 +0200] "POST /wp-login.php HTTP/1.1" 200 14533 "https://marienschule-schwagstorf.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 185.243.218.230 - - [06/Jun/2026:18:55:47 +0200] "POST /wp-login.php HTTP/1.1" 200 14533 "https://marienschule-schwagstorf.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇨🇿 Countryman	2026-06-06 00:10:01 (6 days ago)	repeated unauthorized VPN login attempt, user sweep	VPN IP Hacking Brute-Force
🇺🇸 nyt	2026-06-05 18:07:56 (6 days ago)	Brute-Force, Web App Attack, suspicious: XMLRPC Attack	Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-05 07:32:36 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 Mundo Bueno	2026-06-05 04:44:11 (1 week ago)	[ISILIA Protection v2.1] Tentative d'accès: /xmlrpc.php \| Pays: T1 \| UA: Mozilla/5.0 (Linux; Android ... show more [ISILIA Protection v2.1] Tentative d'accès: /xmlrpc.php \| Pays: T1 \| UA: Mozilla/5.0 (Linux; Android 8.0.0; LG-H872) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044. show less	Hacking Web App Attack
🇨🇿 Countryman	2026-06-05 00:49:35 (1 week ago)	repeated unauthorized VPN login attempt, user sweep	VPN IP Hacking Brute-Force
🇬🇧 maiconburn	2026-06-03 20:06:42 (1 week ago)	InnerWarden auto-block: AbuseIPDB auto-block: score=100/100 (threshold=75) (confidence 100%)	Hacking
🇬🇧 Interceptor_HQ	2026-06-02 21:54:23 (1 week ago)	request_uri: /.DS_Store -- automatic report --	Brute-Force Hacking

Showing 1 to 15 of 244 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 191.97.12.90

🇨🇳 111.17.162.203

🇵🇱 91.231.121.99

🇫🇷 85.217.140.40

🇫🇷 185.177.72.12

🇺🇸 162.216.149.121

🇺🇸 150.107.38.207

🇧🇷 131.221.133.6

🇨🇳 116.255.226.73

🇲🇲 103.59.163.133

🇪🇸 95.124.253.139

🇫🇷 85.217.140.27

🇷🇴 80.94.92.177

🇺🇸 73.247.236.71

🇺🇸 66.132.195.23

🇺🇸 40.126.29.5

🇩🇪 213.209.159.231

🇨🇳 182.40.195.233

🇨🇳 120.85.142.128

🇺🇦 91.200.40.110