AbuseIPDB » 159.148.126.185
159.148.126.185 was found in our database!
This IP was reported 4 times. Confidence of
Abuse
is 2% : ?
ISP
SIA BITE Latvija
Usage Type
Fixed Line ISP
ASN
AS210906
Domain Name
bi.lt
Country
πΊπΈ
United States of America
City
Atlanta, Georgia
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 159.148.126.185 :
This IP address has been reported a total of
4
times from
3 distinct
sources.
159.148.126.185 was first reported on
July 26th 2024 , and the most recent report was
2 weeks ago .
Old Reports:
The most recent abuse report for this IP address is from
2 weeks ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
2026-06-29 02:35:32
(2 weeks ago)
Malicious activity detected
Hacking
Web App Attack
π―π΅
Short-legs-Spider
2026-02-24 23:31:06
(4 months ago)
Disregard of robots.txt
--
[25/Feb/2026:08:31:06 +0900] "GET /==0.htm HTTP/2.0" 403 76 "-" "Mozill ...
show more
Disregard of robots.txt
--
[25/Feb/2026:08:31:06 +0900] "GET /==0.htm HTTP/2.0" 403 76 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36"
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2025-09-05 00:41:08
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 159.148.126.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 159.148.126.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 04 20:41:03.001288 2025] [security2:error] [pid 3768:tid 3768] [client 159.148.126.185:25602] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.civilwarzone.com|F|2"] [data ".dll"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.civilwarzone.com"] [uri "/~site/Scripts_ExternalRedirect/ExternalRedirect.dll"] [unique_id "aLoxngclxkPbQfKAw31REwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-07-26 09:44:13
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 159.148.126.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 159.148.126.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 26 05:44:07.637083 2024] [security2:error] [pid 24448:tid 24448] [client 159.148.126.185:42172] [client 159.148.126.185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.vangentholding.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.vangentholding.com"] [uri "/wp-json/wp/v2/users/7643"] [unique_id "ZqNv551F1RFmARgxDOtrmQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
4
of 4 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: