JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 161.248.200.178

161.248.200.178 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 74%: ?

74%

ISP	ExtentIT Solution Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS154434
Domain Name	extentitsolution.com
Country	🇧🇩 Bangladesh
City	Kafrul, Dhaka Division

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 161.248.200.178

Whois 161.248.200.178

IP Abuse Reports for 161.248.200.178:

This IP address has been reported a total of 62 times from 26 distinct sources. 161.248.200.178 was first reported on December 9th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hazzard	2026-06-07 20:54:40 (2 hours ago)	(wordpress) Failed wordpress login from 161.248.200.178 (BD/Bangladesh/Dhaka Division/Dhaka/-/[redac ... show more (wordpress) Failed wordpress login from 161.248.200.178 (BD/Bangladesh/Dhaka Division/Dhaka/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇲🇽 octageeks.com	2026-06-07 04:09:28 (18 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇲🇹 Malta	2026-06-06 21:50:52 (1 day ago)	161.248.200.178 - - [06/Jun/2026:23:50:51 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Li ... show more 161.248.200.178 - - [06/Jun/2026:23:50:51 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇩🇪 Ba-Yu	2026-06-06 13:20:36 (1 day ago)	WordPress bruteforce	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 xxkodedxx	2026-06-06 05:16:44 (1 day ago)	[Zorvexus edge-defense] GET .env / WordPress honeypot probe Trigger: 1× honeypot-get in 10m window. ... show more [Zorvexus edge-defense] GET .env / WordPress honeypot probe Trigger: 1× honeypot-get in 10m window. Active: 05:16:30→05:16:31 UTC Volume: 2 honeypot probe(s) Bait taken: /wp-login.php UA: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" Auto-banned 30d. zorvexus-banner. show less	Bad Web Bot Web App Attack
🇲🇹 Malta	2026-06-05 19:11:34 (2 days ago)	161.248.200.178 - - [05/Jun/2026:21:11:34 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macinto ... show more 161.248.200.178 - - [05/Jun/2026:21:11:34 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇲🇹 Malta	2026-06-04 15:02:28 (3 days ago)	161.248.200.178 - - [04/Jun/2026:17:02:28 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ... show more 161.248.200.178 - - [04/Jun/2026:17:02:28 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇫🇷 ELYAZ	2026-06-03 19:09:35 (4 days ago)	(y4) Failed scan -byebye- from 161.248.200.178 (BD/Bangladesh/-): (CF_ENABLE)	Hacking
🇺🇸 TPI-Abuse	2026-06-03 02:47:50 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 161.248.200.178 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 161.248.200.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 22:47:41.566466 2026] [security2:error] [pid 18449:tid 18449] [client 161.248.200.178:42436] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mariarozella.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mariarozella.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah-VzVsKgfLlSBGoh58dOwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-02 22:47:44 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇦🇺 paulshipley.com.au	2026-06-02 20:13:57 (5 days ago)	shotbysuzanne.com.au:443 161.248.200.178 - - [03/Jun/2026:06:13:55 +1000] "GET /?author=36 HTTP/1.1" ... show more shotbysuzanne.com.au:443 161.248.200.178 - - [03/Jun/2026:06:13:55 +1000] "GET /?author=36 HTTP/1.1" 404 121224 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 18:01:47 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 161.248.200.178 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 161.248.200.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 14:01:38.817469 2026] [security2:error] [pid 1979:tid 1979] [client 161.248.200.178:60260] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gabbyspetnanny.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gabbyspetnanny.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah8agpCoGFMKyoAjJG7ZKQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-01 09:19:17 (6 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇩🇪 FeG Deutschland	2026-05-30 23:55:54 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇦🇺 paulshipley.com.au	2026-05-30 23:34:17 (1 week ago)	levellapromotions.com.au:443 161.248.200.178 - - [31/May/2026:09:34:14 +1000] "GET /?author=5 HTTP/1 ... show more levellapromotions.com.au:443 161.248.200.178 - - [31/May/2026:09:34:14 +1000] "GET /?author=5 HTTP/1.1" 404 346466 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ... show less	Web App Attack

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 165.154.134.156

🇩🇪 130.12.180.153

🇧🇬 79.124.40.174

🇺🇸 66.132.172.204

🇺🇸 20.169.91.107

🇺🇸 216.126.236.108

🇩🇪 209.38.237.233

🇺🇸 195.184.76.80

🇸🇪 193.138.218.204

🇨🇦 178.93.201.198

🇩🇪 167.94.146.52

🇩🇪 167.94.145.27

🇺🇸 156.229.163.164

🇺🇸 147.185.132.216

🇨🇳 139.170.73.14

🇺🇸 109.105.210.53

🇭🇰 103.231.14.54

🇭🇰 103.210.238.204

🇨🇮 102.209.221.188

🇺🇸 66.132.172.39