JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 148.227.122.108

148.227.122.108 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 51%: ?

51%

ISP	Starlink Brazil Serviços de Internet Ltd
Usage Type	Fixed Line ISP
ASN	AS14593
Hostname(s)	customer.brsabra1.isp.starlink.com
Domain Name	starlink.com
Country	🇧🇷 Brazil
City	Brasilia, Federal District

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 148.227.122.108

Whois 148.227.122.108

IP Abuse Reports for 148.227.122.108:

This IP address has been reported a total of 17 times from 10 distinct sources. 148.227.122.108 was first reported on April 20th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Lunix	2026-06-16 23:01:58 (3 days ago)		Brute-Force Web App Attack
🇬🇧 noise.agency	2026-06-16 18:15:30 (4 days ago)	(wordpress) Failed wordpress login from 148.227.122.108 (BR/Brazil/customer.brsabra1.isp.starlink.co ... show more (wordpress) Failed wordpress login from 148.227.122.108 (BR/Brazil/customer.brsabra1.isp.starlink.com) show less	Brute-Force
🇫🇷 dynamix	2026-06-16 13:27:39 (4 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 22:18:37 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink ... show more (mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 18:18:30.898415 2026] [security2:error] [pid 29147:tid 29147] [client 148.227.122.108:60555] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 148.227.122.108 (+1 hits since last alert)\|se-advisorsgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "se-advisorsgroup.com"] [uri "/xmlrpc.php"] [unique_id "ajB6Nj5ycKEYiO9DxnVMJwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 18:14:54 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink ... show more (mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:14:46.932839 2026] [security2:error] [pid 29869:tid 29869] [client 148.227.122.108:13283] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 148.227.122.108 (+1 hits since last alert)\|indoorsfinishing.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "indoorsfinishing.com"] [uri "/xmlrpc.php"] [unique_id "ajBBFk5mNhx7adzJoy6omgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-15 15:02:44 (5 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 14:58:01 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink ... show more (mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 10:57:55.016932 2026] [security2:error] [pid 26205:tid 26205] [client 148.227.122.108:41915] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 148.227.122.108 (+1 hits since last alert)\|fuentevictoria.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fuentevictoria.com"] [uri "/xmlrpc.php"] [unique_id "ajAS8x7rvaMXl_mdVDkfHwAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 14:08:15 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink ... show more (mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 10:08:07.927942 2026] [security2:error] [pid 690:tid 690] [client 148.227.122.108:53012] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 148.227.122.108 (+1 hits since last alert)\|advantagept.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "advantagept.org"] [uri "/xmlrpc.php"] [unique_id "ai61x45JT5z5BqHrLLCnMQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-14 12:33:21 (6 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 19:17:33 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink ... show more (mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 15:17:26.105071 2026] [security2:error] [pid 30876:tid 30876] [client 148.227.122.108:56489] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 148.227.122.108 (+1 hits since last alert)\|the-it-man.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "the-it-man.com"] [uri "/xmlrpc.php"] [unique_id "ai2sxgFfkU4e7mR8m9NY9gAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 14:34:23 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink ... show more (mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 10:34:18.856606 2026] [security2:error] [pid 10588:tid 10588] [client 148.227.122.108:50699] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 148.227.122.108 (+1 hits since last alert)\|vzan.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vzan.org"] [uri "/xmlrpc.php"] [unique_id "ai1qajYP9UXq8Hlqo0yp3AAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-13 12:50:47 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-12 19:35:31 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink ... show more (mod_security) mod_security (id:240335) triggered by 148.227.122.108 (customer.brsabra1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 15:35:24.315451 2026] [security2:error] [pid 5789:tid 5789] [client 148.227.122.108:54112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 148.227.122.108 (+1 hits since last alert)\|techoutletec.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "techoutletec.com"] [uri "/xmlrpc.php"] [unique_id "aixffMTdj1OmW7crUPvHCQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-06-12 19:20:06 (1 week ago)		Web App Attack
🇸🇪 vaia.cloud	2026-06-12 11:51:03 (1 week ago)	trying wp-login.php/xmlrpc.php 34 times in 1 minutes	Brute-Force Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.95.198.5

🇸🇬 107.155.56.47

🇺🇸 104.243.35.120

🇺🇸 66.132.172.208

🇺🇸 66.132.172.207

🇬🇧 51.195.183.179

🇺🇸 162.216.149.168

🇺🇸 66.132.172.206

🇺🇸 66.132.172.204

🇺🇸 66.132.172.203

🇳🇱 45.148.10.157

🇰🇷 222.110.147.58

🇺🇸 216.25.89.134

🇬🇧 213.171.208.62

🇧🇷 205.210.31.173

🇧🇷 200.229.166.91

🇺🇸 129.146.47.44

🇺🇸 66.132.172.198

🇺🇸 66.132.172.197

🇺🇸 66.132.172.196