JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.253.48.239

167.253.48.239 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Mumara
Usage Type	Data Center/Web Hosting/Transit
ASN	Unknown
Domain Name	mumara.com
Country	🇺🇸 United States of America
City	Wilmington, Delaware

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.253.48.239

Whois 167.253.48.239

IP Abuse Reports for 167.253.48.239:

This IP address has been reported a total of 7 times from 7 distinct sources. 167.253.48.239 was first reported on September 24th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-14 20:10:12 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 167.253.48.239 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 167.253.48.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 15:10:08.878253 2026] [security2:error] [pid 15906:tid 15906] [client 167.253.48.239:19567] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|amoriotech.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "amoriotech.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZDWoFJnXjTXU9n6OHgH6QAAABQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-02-09 14:42:04 (4 months ago)	[redacted] 167.253.48.239 - - [09/Feb/2026:15:42:00 +0100] "GET /[redacted] HTTP/1.1" 302 1562 0/129 ... show more [redacted] 167.253.48.239 - - [09/Feb/2026:15:42:00 +0100] "GET /[redacted] HTTP/1.1" 302 1562 0/129173 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" [redacted] 167.253.48.239 - - [09/Feb/2026:15:42:03 +0100] "GET /[redacted] HTTP/1.1" 302 1563 0/49960 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇫🇷 masterguru	2025-12-23 11:18:44 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 167.253.48.239 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 167.253.48.239 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
Anonymous	2025-12-04 07:36:24 (6 months ago)	botnet	DDoS Attack
🇫🇷 Jean Valjean	2024-10-29 13:48:10 (1 year ago)	Fail2ban Caboom : wp-login.php Bruteforce	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2024-10-19 13:56:11 (1 year ago)	XML RPC Scan Activities	Brute-Force Web App Attack
🇷🇺 sms.ru	2024-09-24 15:10:04 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.131.139.70

🇮🇶 185.166.25.150

🇰🇷 183.98.212.74

🇳🇱 51.15.120.216

🇳🇨 203.147.75.53

🇳🇱 195.170.172.128

🇺🇸 172.236.228.208

🇬🇧 165.154.174.108

🇮🇩 108.137.8.107

🇸🇬 103.13.207.26

🇷🇺 95.86.231.237

🇦🇪 86.98.209.247

🇺🇸 23.95.217.16

🇨🇳 221.198.83.195

🇰🇪 196.216.85.57

🇨🇳 180.76.176.249

🇺🇸 161.35.124.147

🇫🇷 109.205.181.77

🇨🇳 103.208.15.150

🇲🇦 81.192.46.32