JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 118.179.70.4

118.179.70.4 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 91%: ?

91%

ISP	Amber IT Limited
Usage Type	Fixed Line ISP
ASN	AS23956
Domain Name	amberit.com.bd
Country	🇧🇩 Bangladesh
City	Dhaka, Dhaka Division

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 118.179.70.4

Whois 118.179.70.4

IP Abuse Reports for 118.179.70.4:

This IP address has been reported a total of 24 times from 18 distinct sources. 118.179.70.4 was first reported on June 9th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-25 09:58:44 (1 hour ago)	Web attack/malicious scanning detected	Web App Attack
🇮🇩 Burayot	2026-06-24 10:41:10 (1 day ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 118.179.70.4 (BD/Bangladesh/-): 1 i ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 118.179.70.4 (BD/Bangladesh/-): 1 in the last 3600 secs show less	Web App Attack
🇳🇱 wlt-blocker	2026-06-24 10:27:18 (1 day ago)	Unauthorized access to webpage admin	Web App Attack
🇱🇻 garmtech.com	2026-06-24 05:11:32 (1 day ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)	Web App Attack
🇺🇸 mnsf	2026-06-23 11:06:48 (2 days ago)	Xmlrpc Caught (7)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 09:12:17 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 118.179.70.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 118.179.70.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 05:12:04.624636 2026] [security2:error] [pid 775:tid 775] [client 118.179.70.4:63062] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|4115thewestford.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "4115thewestford.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajpN5FupnkS2mjFPOSP1ygAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-23 03:58:58 (2 days ago)	Try to access /xmlrpc.php	Web App Attack
🇮🇳 dineshskt4all	2026-06-22 10:38:38 (3 days ago)	[Mon Jun 22 10:38:22.487525 2026] [proxy_fcgi:error] [pid 1868566:tid 136923800651456] [client 118.1 ... show more [Mon Jun 22 10:38:22.487525 2026] [proxy_fcgi:error] [pid 1868566:tid 136923800651456] [client 118.179.70.4:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force
🇺🇸 OceanTreasure	2026-06-22 10:15:06 (3 days ago)	tcp/443; WordPress XML-RPC brute force attempt: "POST /xmlrpc.php" @ 2026-06-22T10:06:35Z [proxy]	Brute-Force
Anonymous	2026-06-22 09:34:11 (3 days ago)	...	Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 09:24:38 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 118.179.70.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 118.179.70.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 05:24:27.658985 2026] [security2:error] [pid 22048:tid 22048] [client 118.179.70.4:50773] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|marshdcs.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marshdcs.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajj_SzynNYKo35ETXfkzTgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-19 06:45:05 (6 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-17 10:03:01 (1 week ago)	[WedJun1712:02:50.4384272026][security2:error][pid2757563:tid2757632][client118.179.70.4:0]ModSecuri ... show more [WedJun1712:02:50.4384272026][security2:error][pid2757563:tid2757632][client118.179.70.4:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"cxservices.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajJwyp9mPifo32Ffn49W7QAAAJc\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-17 06:33:07 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 07:12:21 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 118.179.70.4 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 118.179.70.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 03:12:08.862234 2026] [security2:error] [pid 5027:tid 5027] [client 118.179.70.4:49723] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rockinr.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rockinr.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajD3SN6xFRAdj9mlrprHIgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.205.123.57

🇺🇸 192.225.241.98

🇨🇳 118.145.213.116

🇮🇩 103.168.135.187

🇱🇻 81.30.98.144

🇧🇬 79.124.58.218

🇱🇹 62.60.130.148

🇧🇪 35.233.19.108

🇺🇸 185.117.225.76

🇪🇸 162.158.122.145

🇻🇳 103.75.182.108

🇱🇹 77.90.185.16

🇨🇳 58.222.244.226

🇳🇱 37.139.19.141

🇺🇸 34.136.78.28

🇪🇸 185.176.8.77

🇸🇬 172.188.218.162

🇫🇮 147.185.133.211

🇰🇪 102.204.198.186

🇫🇷 91.231.89.164