JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.198.195.164

112.198.195.164 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 51%: ?

51%

ISP	Globe Telecom/Innove Communication
Usage Type	Fixed Line ISP
ASN	AS132199
Domain Name	globe.com.ph
Country	🇵🇭 Philippines
City	Cebu City, Central Visayas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.198.195.164

Whois 112.198.195.164

IP Abuse Reports for 112.198.195.164:

This IP address has been reported a total of 26 times from 16 distinct sources. 112.198.195.164 was first reported on December 26th 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ger-stg-sifi1	2026-06-29 02:45:25 (1 day ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 Séfora Srl	2026-06-29 02:04:00 (1 day ago)	Failed attempt detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 WeekendWeb	2026-06-28 12:25:11 (1 day ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 10:31:08 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 112.198.195.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 112.198.195.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 06:31:04.071632 2026] [security2:error] [pid 26449:tid 26449] [client 112.198.195.164:57915] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.198.195.164 (+1 hits since last alert)\|kerrywood.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kerrywood.com"] [uri "/xmlrpc.php"] [unique_id "akD36G6WI3OWFS0DPs-TmAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 11:55:19 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 112.198.195.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 112.198.195.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 07:55:15.557957 2026] [security2:error] [pid 31872:tid 31945] [client 112.198.195.164:52639] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.198.195.164 (+1 hits since last alert)\|iamfluff.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iamfluff.com"] [uri "/xmlrpc.php"] [unique_id "aj-6I43njd3HoM78XetzPAAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 factor1	2026-06-20 13:42:35 (1 week ago)	Fail2ban at saturn Reports Abuse.	Brute-Force Web App Attack
🇩🇪 konseptit	2026-06-10 07:07:49 (2 weeks ago)	(wordpress) Failed wordpress login from 112.198.195.164 (PH/Philippines/-)	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-10 01:17:52 (2 weeks ago)	Blocked by CSF 13 firewall - Rule: XMLRPC PH/Philippines/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 13:47:29 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 112.198.195.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 112.198.195.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 09:47:24.365560 2026] [security2:error] [pid 32115:tid 32115] [client 112.198.195.164:55536] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.198.195.164 (+1 hits since last alert)\|riser-astrology.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "riser-astrology.com"] [uri "/xmlrpc.php"] [unique_id "aigZbPQH9ejO5Ce8Qosu8QAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 15:35:14 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 112.198.195.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 112.198.195.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 11:35:07.263966 2026] [security2:error] [pid 16289:tid 16289] [client 112.198.195.164:57222] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.198.195.164 (+1 hits since last alert)\|avalderlaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avalderlaw.com"] [uri "/xmlrpc.php"] [unique_id "aibhKxLy4j84Li7zUXQAugAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 14:59:13 (3 weeks ago)	Attac	Brute-Force
🇸🇪 konseptit	2026-06-06 14:21:24 (3 weeks ago)	(wordpress) Failed wordpress login from 112.198.195.164 (PH/Philippines/-)	Brute-Force
Anonymous	2026-05-31 07:02:09 (4 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-05-31 02:06:14 (4 weeks ago)	Attac	Brute-Force
Anonymous	2026-05-27 13:32:20 (1 month ago)	Attac	Brute-Force

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.85.251.61

🇺🇸 199.127.62.250

🇧🇷 191.5.153.23

🇺🇸 147.185.132.135

🇷🇺 87.250.224.100

🇩🇪 69.5.169.3

🇺🇸 64.98.83.243

🇮🇩 45.126.185.186

🇺🇸 18.206.47.187

🇺🇸 173.214.163.42

🇺🇸 136.109.121.127

🇹🇷 94.154.43.66

🇺🇸 63.135.161.153

🇰🇿 37.99.123.138

🇺🇸 34.231.83.87

🇵🇱 172.253.206.53

🇨🇦 138.197.130.251

🇺🇸 135.237.124.78

🇮🇳 115.243.15.250

🇨🇦 67.71.55.209