JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.248.14.190

109.248.14.190 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 26%: ?

26%

ISP	Biterika Grupp OOO
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35048
Domain Name	biterika.com
Country	🇷🇺 Russian Federation
City	Moscow, Moscow

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.248.14.190

Whois 109.248.14.190

IP Abuse Reports for 109.248.14.190:

This IP address has been reported a total of 39 times from 21 distinct sources. 109.248.14.190 was first reported on August 28th 2021, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-22 18:03:15 (1 day ago)	SOHODE WEBFORM SPAM 109.248.14.190 (109.248.14.190)	Web Spam
🇵🇱 sefinek.net	2026-05-30 23:19:47 (3 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from RU. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from RU. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.1 Safari/605.1.15 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇿 ddw	2026-05-30 12:48:22 (3 weeks ago)	WordPress Brute Force Attack.	Hacking Brute-Force Web App Attack
🇩🇪 iNetWorker	2026-05-30 09:39:19 (3 weeks ago)	trolling for resource vulnerabilities	Web App Attack
🇬🇧 nigelrbfurness	2026-05-29 10:22:00 (3 weeks ago)	attacking wp-login	Brute-Force
🇺🇸 oncord	2026-03-15 10:40:55 (3 months ago)	Form spam	Web Spam
Anonymous	2026-02-22 03:01:50 (4 months ago)	DirectAdmin Auto Report (sepidandishe.com.log)	Brute-Force SSH
🇺🇸 dtorrer	2026-02-12 04:49:23 (4 months ago)	Client attempted to submit spam on a website post.	Blog Spam
🇮🇪 RoboSOC	2026-02-06 01:25:06 (4 months ago)	WordPress W3 Total Cache Plugin Command Injection Vulnerability, PTR: PTR record not found	Hacking
🇨🇦 Psycho Solutions LLC	2025-08-22 01:57:40 (10 months ago)	SSH Bruteforce detected - Timestamp: 8/22/2025 1:57 am (UTC-6)	Brute-Force SSH
🇩🇪 netclix.gr	2025-07-18 09:56:48 (11 months ago)	(imapd) Failed IMAP login from 109.248.14.190 (RU/Russia/-): 5 in the last 4600 secs; Ports: ; Dire ... show more (imapd) Failed IMAP login from 109.248.14.190 (RU/Russia/-): 5 in the last 4600 secs; Ports: ; Direction: inout; Trigger: LF_IMAPD; Logs: Jul 18 12:56:45 anak dovecot: imap-login: Disconnected: Connection closed (auth failed, 5 attempts in 37 secs): user=<[email protected]>, method=PLAIN, rip=109.248.14.190, lip=157.90.1.68, TLS: Connection closed, session=<X2yZIjE6O+ht+A6+> show less	Port Scan
Anonymous	2025-07-08 21:33:29 (11 months ago)	Ports: 143,993; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇻🇳 Xuan Can	2025-04-19 22:56:21 (1 year ago)	(mod_security) mod_security (id:6) triggered by 109.248.14.190 (RU/Russia/-): 1 in the last 3600 sec ... show more (mod_security) mod_security (id:6) triggered by 109.248.14.190 (RU/Russia/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 20 05:56:15.405591 2025] [security2:error] [pid 39880:tid 39911] [client 109.248.14.190:36755] [client 109.248.14.190] ModSecurity: Access denied with connection close (phase 2). Pattern match "wp-login.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "62"] [id "6"] [severity "CRITICAL"] [hostname "kb.pavietnam.vn"] [uri "/wp-login.php"] [unique_id "aAQqD4ibndOhz8nQ-Jcv1QAAAAA"], referer: https://kb.pavietnam.vn/wp-login.php?action=register show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-08 08:11:53 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 109.248.14.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 109.248.14.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 08 04:11:45.599837 2025] [security2:error] [pid 945953:tid 945953] [client 109.248.14.190:51665] [client 109.248.14.190] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thewhispertwins.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thewhispertwins.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_TaQRCKXlqbst-ebVST0wAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-08 06:22:00 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 109.248.14.190 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 109.248.14.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 08 02:21:54.800199 2025] [security2:error] [pid 32449:tid 32449] [client 109.248.14.190:49021] [client 109.248.14.190] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sigridsnaturalfoods.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sigridsnaturalfoods.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_TAgsbWeGEuRM1XULBILQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.88.98.123

🇺🇸 216.25.89.91

🇳🇱 192.253.248.67

🇧🇷 179.61.154.166

🇨🇳 120.48.155.60

🇵🇰 119.30.118.21

🇮🇳 103.199.207.38

🇬🇧 83.136.251.36

🇧🇬 79.124.56.146

🇩🇪 69.5.169.82

🇮🇩 69.5.20.232

🇰🇷 61.111.20.121

🇺🇸 43.159.132.78

🇳🇱 192.42.116.104

🇭🇰 168.76.131.178

🇰🇷 164.124.101.110

🇨🇳 112.86.225.192

🇮🇳 103.24.63.85

🇦🇺 91.124.88.42

🇰🇷 61.111.20.106