JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 146.70.52.54

146.70.52.54 was found in our database!

This IP was reported 71 times. Confidence of Abuse is 49%: ?

49%

ISP	M247 Moscow Infrastructure
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	m247global.com
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 146.70.52.54

Whois 146.70.52.54

IP Abuse Reports for 146.70.52.54:

This IP address has been reported a total of 71 times from 31 distinct sources. 146.70.52.54 was first reported on July 6th 2021, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 22:01:59 (23 hours ago)	(mod_security) mod_security (id:240335) triggered by 146.70.52.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 146.70.52.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:01:54.713329 2026] [security2:error] [pid 8591:tid 8607] [client 146.70.52.54:53726] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 146.70.52.54 (+1 hits since last alert)\|travelusa.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "travelusa.us"] [uri "/xmlrpc.php"] [unique_id "ajW8Ur541CCOrawl8y1A5wAAAEo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-17 11:19:43 (3 days ago)	(wordpress) Failed wordpress login from 146.70.52.54 (RU/Russia/-)	Brute-Force
🇳🇱 ConsulHosting	2026-06-16 11:32:46 (4 days ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇫🇷 dynamix	2026-06-09 15:08:22 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-09 13:53:56 (1 week ago)	(wordpress) Failed wordpress login from 146.70.52.54 (RU/Russia/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 12:07:43 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 146.70.52.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 146.70.52.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:07:36.571316 2026] [security2:error] [pid 18168:tid 18168] [client 146.70.52.54:59306] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 146.70.52.54 (+1 hits since last alert)\|saadeh.ws\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "saadeh.ws"] [uri "/xmlrpc.php"] [unique_id "aigCCN7skTrnYdUjsf8pYQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 poundawebsiteltd	2026-06-06 19:27:42 (2 weeks ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:443 146.70.52.54 - - [06/Jun/2026:20:27:37 ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:443 146.70.52.54 - - [06/Jun/2026:20:27:37 +0100] GET /wp-json/wp/v2/users/me?context=edit HTTP/1.1 401 869 - Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 show less	Web App Attack
🇩🇪 london2038.com	2026-06-05 00:59:02 (2 weeks ago)	146.70.52.54 - - [05/Jun/2026:02:58:57 +0200] "GET /wp-login.php HTTP/1.1" 404 4187 "-" "Mozilla/5.0 ... show more 146.70.52.54 - - [05/Jun/2026:02:58:57 +0200] "GET /wp-login.php HTTP/1.1" 404 4187 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 146.70.52.54 - - [05/Jun/2026:02:58:59 +0200] "GET /wp-login.php HTTP/1.1" 404 4187 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 146.70.52.54 - - [05/Jun/2026:02:59:02 +0200] "GET /wp-login.php HTTP/1.1" 404 4187 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" show less	Web App Attack
🇨🇦 electronico	2026-06-04 23:26:20 (2 weeks ago)	146.70.52.54 - - [05/Jun/2026:10:26:18 +1100] "GET /wp-login.php HTTP/1.1" 403 5922 "-" "Mozilla/5.0 ... show more 146.70.52.54 - - [05/Jun/2026:10:26:18 +1100] "GET /wp-login.php HTTP/1.1" 403 5922 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 146.70.52.54 - - [05/Jun/2026:10:26:19 +1100] "POST /wp-login.php HTTP/1.1" 403 2107 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" 146.70.52.54 - - [05/Jun/2026:10:26:19 +1100] "GET /wp-admin/ HTTP/1.1" 302 443 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇹🇷 Detmach	2026-06-04 23:07:09 (2 weeks ago)	Security attack detected. Multiple failed attempts from 146.70.52.54. IP banned for 1440 minutes at ... show more Security attack detected. Multiple failed attempts from 146.70.52.54. IP banned for 1440 minutes at 05.06.2026 02:07:00. Failed attempts: 1 show less	Brute-Force
🇩🇪 paissangroup	2025-10-04 01:05:59 (8 months ago)	Multiple WAF Violations	Web App Attack
🇪🇸 10dencehispahard SL	2025-10-02 05:46:41 (8 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-09-19 11:47:04 (9 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-08-19 11:40:34 (10 months ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
Anonymous	2024-06-24 11:30:40 (1 year ago)	Malicious activity detected	Hacking Web App Attack

Showing 1 to 15 of 71 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.199.32.174

🇺🇸 172.253.219.158

🇨🇳 110.17.4.183

🇦🇷 186.22.19.183

🇪🇬 156.206.16.62

🇺🇸 144.172.116.30

🇨🇳 120.48.54.98

🇺🇸 98.243.109.202

🇷🇴 80.94.92.171

🇺🇦 77.87.40.114

🇳🇱 45.148.10.240

🇬🇧 45.130.179.16

🇺🇸 45.79.109.130

🇺🇸 40.124.173.185

🇨🇳 36.102.165.119

🇩🇪 216.26.247.102

🇳🇱 212.92.104.228

🇨🇳 211.149.134.60

🇨🇴 200.71.39.107

🇩🇴 186.33.83.102