JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.73.0.178

165.73.0.178 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 100%: ?

100%

ISP	AFRIHOST SP (PTY) LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37611
Hostname(s)	technoflexibles.dedicated.co.za
Domain Name	afrihost.com
Country	🇿🇦 South Africa
City	Johannesburg, Gauteng

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.73.0.178

Whois 165.73.0.178

IP Abuse Reports for 165.73.0.178:

This IP address has been reported a total of 29 times from 25 distinct sources. 165.73.0.178 was first reported on June 26th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tecnicorioja	2026-06-26 22:02:28 (1 day ago)	wp-login attack [26/Jun/2026:17:42:19	Brute-Force Web App Attack
🇬🇧 BRHosting	2026-06-26 21:23:02 (1 day ago)	Wordpress brute force attack for login credentials (eg xmlrc.php or wp-login.php)	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-26 21:03:37 (1 day ago)	2.134 requests from abuseipdb.com blacklisted IP (9mos3w5d)	Brute-Force Bad Web Bot
Anonymous	2026-06-26 20:41:57 (1 day ago)	2026-06-26T20:55:25.298363+02:00 aion wordpress[730454]: Authentication attempt for unknown user mic ... show more 2026-06-26T20:55:25.298363+02:00 aion wordpress[730454]: Authentication attempt for unknown user michael from 165.73.0.178 2026-06-26T22:41:55.916468+02:00 aion wordpress[758060]: Authentication attempt for unknown user michael from 165.73.0.178 ... show less	Hacking Brute-Force
🇺🇸 etu brutus	2026-06-26 20:12:33 (1 day ago)	165.73.0.178 has been banned for [WebApp Attack] ...	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 19:55:05 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 165.73.0.178 (technoflexibles.dedicated.co.za): ... show more (mod_security) mod_security (id:225170) triggered by 165.73.0.178 (technoflexibles.dedicated.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 15:54:58.423352 2026] [security2:error] [pid 27979:tid 27987] [client 165.73.0.178:57136] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sandiegosamsolo.com.workconfident.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sandiegosamsolo.com.workconfident.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aj7ZEjLscLP-J_K_WqGUmAAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 poundawebsiteltd	2026-06-26 19:00:32 (1 day ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 165.73.0.178 - - [26/Jun/2026:20:00:27 +0100] PO ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 165.73.0.178 - - [26/Jun/2026:20:00:27 +0100] POST /wp-login.php HTTP/2.0 503 19159 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0 show less	Web App Attack
🇩🇪 london2038.com	2026-06-26 18:33:22 (1 day ago)	Attacking WordPress 165.73.0.178 - - [26/Jun/2026:20:33:18 +0200] "POST /wp-login.php HTTP/2.0" 503 ... show more Attacking WordPress 165.73.0.178 - - [26/Jun/2026:20:33:18 +0200] "POST /wp-login.php HTTP/2.0" 503 19291 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇺🇸 nationaleventpros.com	2026-06-26 17:02:29 (1 day ago)	WordPress login attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-06-26 15:35:28 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 165.73.0.178 (technoflexibles.dedicated.co.za): ... show more (mod_security) mod_security (id:225170) triggered by 165.73.0.178 (technoflexibles.dedicated.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 11:35:23.818321 2026] [security2:error] [pid 7540:tid 7540] [client 165.73.0.178:49872] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|terfgunclub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "terfgunclub.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aj6cO1LzDuznafxx5SI5zgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-26 15:19:03 (1 day ago)	Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/2.0, GET /wp-login.php HTTP/2.0	Hacking Web App Attack
🇩🇪 F242	2026-06-26 15:08:57 (1 day ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇷🇴 SpamStopper	2026-06-26 14:12:04 (1 day ago)	Fail2Ban - WP Spoofing	Port Scan Brute-Force Web App Attack
🇫🇷 tilellit.pro	2026-06-26 13:59:51 (1 day ago)	Fail2Ban banned 165.73.0.178 for security violations in jail wp-armour. Log: 2026/06/26 13:59:50 [er ... show more Fail2Ban banned 165.73.0.178 for security violations in jail wp-armour. Log: 2026/06/26 13:59:50 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 165.73.0.178 \| Target: wplogin" , client: 165.73.0.178, server: [REDACTED], request: "POST /wp-login.php HTTP/2.0", upstream: [REDACTED], host: [REDACTED], referrer: "https://espsformacion.com/wp-login.php" ... show less	Web Spam
🇩🇪 Hazzard	2026-06-26 13:14:42 (1 day ago)	(wordpress) Failed wordpress login from 165.73.0.178 (ZA/South Africa/Gauteng/Johannesburg/technofle ... show more (wordpress) Failed wordpress login from 165.73.0.178 (ZA/South Africa/Gauteng/Johannesburg/technoflexibles.dedicated.co.za/[redacted]): (CF_ENABLE) show less	Brute-Force

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.20

🇹🇭 118.194.250.232

🇧🇪 198.235.24.163

🇬🇧 193.176.29.27

🇷🇺 188.0.169.68

🇺🇸 184.105.139.67

🇧🇼 168.167.72.132

🇮🇳 154.84.242.115

🇨🇳 116.179.37.232

🇺🇸 104.194.10.248

🇫🇷 104.28.155.131

🇧🇩 103.177.243.4

🇳🇱 91.92.40.237

🇲🇰 77.28.9.87

🇺🇸 66.132.224.231

🇺🇸 66.132.186.244

🇺🇸 66.132.172.102

🇩🇪 64.89.163.167

🇭🇰 45.142.154.87

🇺🇸 45.79.109.130