JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.182.222.164

154.182.222.164 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 100%: ?

100%

ISP	TE Data
Usage Type	Fixed Line ISP
ASN	AS8452
Domain Name	tedata.net
Country	🇪🇬 Egypt
City	Giza, Giza

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.182.222.164

Whois 154.182.222.164

IP Abuse Reports for 154.182.222.164:

This IP address has been reported a total of 29 times from 18 distinct sources. 154.182.222.164 was first reported on June 26th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 09:13:45 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 05:13:40.974902 2026] [security2:error] [pid 479:tid 479] [client 154.182.222.164:57661] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.182.222.164 (+1 hits since last alert)\|j3pr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "j3pr.com"] [uri "/xmlrpc.php"] [unique_id "aj-URNF__bNro9cl-QewPgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 06:26:09 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:26:03.139356 2026] [security2:error] [pid 28847:tid 28847] [client 154.182.222.164:65476] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.182.222.164 (+1 hits since last alert)\|proyectando.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "proyectando.com"] [uri "/xmlrpc.php"] [unique_id "aj9s-_a5ZZjVkDBVaAMupgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 05:23:43 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 01:23:36.921956 2026] [security2:error] [pid 31871:tid 31943] [client 154.182.222.164:50769] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.182.222.164 (+1 hits since last alert)\|rawhabitat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rawhabitat.com"] [uri "/xmlrpc.php"] [unique_id "aj9eWDEmAkaTzcgKC6u4pwAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-27 05:06:46 (1 day ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 04:22:07 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 00:22:01.760647 2026] [security2:error] [pid 2392:tid 2392] [client 154.182.222.164:55421] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.182.222.164 (+1 hits since last alert)\|tonytremblayauthor.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tonytremblayauthor.com"] [uri "/xmlrpc.php"] [unique_id "aj9P6cVxU_ETnAb2-xS6VQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 03:51:52 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:51:47.419126 2026] [security2:error] [pid 31579:tid 31579] [client 154.182.222.164:60948] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.182.222.164 (+1 hits since last alert)\|investorsfundingusa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "investorsfundingusa.com"] [uri "/xmlrpc.php"] [unique_id "aj9I0wbrzxtaMOYlJkm-SgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-27 01:34:10 (1 day ago)	Attac	Brute-Force
🇳🇱 Site.eu	2026-06-26 22:44:20 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 tecnicorioja	2026-06-26 22:00:09 (2 days ago)	POST /xmlrpc.php [26/Jun/2026:12:26:01	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 20:49:43 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 16:49:38.854609 2026] [security2:error] [pid 29350:tid 29350] [client 154.182.222.164:53954] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.182.222.164 (+1 hits since last alert)\|qed-consulting.co\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "qed-consulting.co"] [uri "/xmlrpc.php"] [unique_id "aj7l4g9-2NtgwEkNF926rgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-26 20:39:35 (2 days ago)	154.182.222.164 - - [26/Jun/2026:22:39:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 154.182.222.164 ... show more 154.182.222.164 - - [26/Jun/2026:22:39:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 154.182.222.164 - - [26/Jun/2026:22:39:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 ... show less	Brute-Force Bad Web Bot
🇬🇧 noise.agency	2026-06-26 18:41:57 (2 days ago)	(wordpress) Failed wordpress login from 154.182.222.164 (EG/Egypt/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-26 17:38:39 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 13:38:34.223822 2026] [security2:error] [pid 4076:tid 4085] [client 154.182.222.164:59057] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.182.222.164 (+1 hits since last alert)\|hooknpatch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hooknpatch.com"] [uri "/xmlrpc.php"] [unique_id "aj65GioiXyGRnpMZ0SZHkQAAAUc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 16:06:44 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 12:06:40.827366 2026] [security2:error] [pid 15828:tid 15850] [client 154.182.222.164:60306] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.182.222.164 (+1 hits since last alert)\|jpdesign.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jpdesign.us"] [uri "/xmlrpc.php"] [unique_id "aj6jkF14N49SuhzmloI1MwAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 15:33:50 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 154.182.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 11:33:44.842082 2026] [security2:error] [pid 4837:tid 4837] [client 154.182.222.164:59026] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.182.222.164 (+1 hits since last alert)\|drgtek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drgtek.com"] [uri "/xmlrpc.php"] [unique_id "aj6b2JDl5RnJhpFSPKGAEQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 192.42.116.45

🇧🇷 187.111.144.30

🇨🇳 180.76.185.216

🇺🇸 172.234.218.87

🇬🇧 165.232.32.162

🇺🇸 65.110.40.115

🇨🇳 60.173.164.3

🇺🇸 54.175.127.30

🇨🇳 47.121.28.46

🇺🇸 35.153.138.204

🇸🇪 4.225.202.230

🇺🇸 3.83.112.186

🇸🇬 2406:da18:1f0b:bc00:ed7a:c5e:5357:8df

🇪🇸 217.154.106.153

🇧🇷 189.114.136.231

🇮🇩 182.13.96.107

🇩🇪 158.101.161.27

🇨🇦 138.197.157.130

🇨🇳 110.249.201.190

🇩🇪 109.91.4.177