JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 146.158.111.164

146.158.111.164 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 36%: ?

36%

ISP	SM Ltd.
Usage Type	Fixed Line ISP
ASN	AS210616
Domain Name	sm117.ru
Country	🇷🇺 Russian Federation
City	Novosibirsk, Novosibirsk Oblast

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 146.158.111.164

Whois 146.158.111.164

IP Abuse Reports for 146.158.111.164:

This IP address has been reported a total of 23 times from 15 distinct sources. 146.158.111.164 was first reported on May 23rd 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 16:38:21 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 146.158.111.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 146.158.111.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 12:38:14.531388 2026] [security2:error] [pid 27159:tid 27159] [client 146.158.111.164:55185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 146.158.111.164 (+1 hits since last alert)\|eye7graphics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eye7graphics.com"] [uri "/xmlrpc.php"] [unique_id "aiw19gEcKjY245bJW7K3yAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 13:06:55 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 146.158.111.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 146.158.111.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 09:06:50.079582 2026] [security2:error] [pid 17707:tid 17707] [client 146.158.111.164:55005] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 146.158.111.164 (+1 hits since last alert)\|snowrideadventures.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "snowrideadventures.com"] [uri "/xmlrpc.php"] [unique_id "ailhakJxQXtBL8j6OCpvDgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 09:02:04 (5 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇹🇼 kk_it_man	2026-05-18 13:50:05 (3 weeks ago)	honey catch	Port Scan
🇨🇳 ThreatBook.io	2026-05-17 22:38:04 (4 weeks ago)	ThreatBook Intelligence: Spam more details on http://threatbook.io/ip/146.158.111.164	SSH
🇺🇸 xmission.com	2026-05-17 10:06:16 (4 weeks ago)	Blocked by UFW (TCP on 23) Source port: 52434 TTL: 51 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 52434 TTL: 51 Packet length: 60 TOS: 0x00 This report (for 146.158.111.164) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇺🇸 RAP	2026-05-14 12:08:27 (1 month ago)	2026-05-14 12:08:27 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
🇩🇪 iNetWorker	2026-05-14 08:00:53 (1 month ago)	firewall-block, port(s): 2323/tcp	Port Scan
🇫🇷 security.rdmc.fr	2026-05-14 04:48:32 (1 month ago)	Port Scan Attack proto:TCP src:34806 dst:23	Port Scan
🇷🇸 Scan	2026-04-16 00:48:59 (1 month ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇫🇷 Duggy_Tuxy🧱	2026-04-09 07:39:41 (2 months ago)	[HP01-SRV01-FR] Blocked by SysWarden Firewall (Port Scan / Probing Port 553)	Port Scan
Anonymous	2025-11-26 04:07:30 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-21 22:43:22 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇳🇱 exxos	2025-09-19 11:07:58 (8 months ago)	Attacks with Bad user agents	Hacking
Anonymous	2024-07-12 02:53:52 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.202.112.211

🇧🇷 200.0.57.80

🇫🇷 91.231.89.155

🇺🇸 20.102.117.125

🇺🇸 20.64.105.248

🇨🇳 117.72.100.85

🇺🇸 2604:a880:400:d1:0:4:9633:d001

🇳🇱 172.71.183.90

🇷🇺 82.208.125.174

🇺🇸 66.132.172.144

🇸🇬 47.84.139.62

🇺🇸 35.237.107.113

🇺🇸 2a03:2880:7ff:71::

🇺🇸 207.241.173.85

🇱🇹 185.169.4.181

🇰🇷 123.212.9.122

🇮🇳 103.16.71.197

🇫🇷 85.204.70.114

🇦🇺 34.87.238.189

🇯🇵 8.216.83.237