JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.253.48.62

167.253.48.62 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 0%: ?

ISP	Mumara
Usage Type	Data Center/Web Hosting/Transit
ASN	Unknown
Domain Name	mumara.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.253.48.62

Whois 167.253.48.62

IP Abuse Reports for 167.253.48.62:

This IP address has been reported a total of 15 times from 8 distinct sources. 167.253.48.62 was first reported on November 12th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-27 20:49:28 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 167.253.48.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 167.253.48.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 15:49:24.695013 2026] [security2:error] [pid 12154:tid 12154] [client 167.253.48.62:27199] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ronjamestelevision.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ronjamestelevision.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaIDVOOaHcNdPfX_KtLdHQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-02-27 08:26:50 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Xbox; Xbox One) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edge/44.18363.8131 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2026-02-25 09:50:08 (3 months ago)	WP Login Scan Activities: "2026-02-25T16:50:08.019+07:00" "/wp-login.php" "167.253.48.62" "Mozilla/5 ... show more WP Login Scan Activities: "2026-02-25T16:50:08.019+07:00" "/wp-login.php" "167.253.48.62" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-02-21 03:34:22 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 167.253.48.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 167.253.48.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 22:34:18.707757 2026] [security2:error] [pid 4476:tid 4476] [client 167.253.48.62:21931] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hotelausland.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hotelausland.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZknuqWKJCQ08_20PT46qgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-19 03:55:52 (3 months ago)	Multiple WAF Violations	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-30 23:28:46 (4 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-24 19:42:54 (4 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 TPI-Abuse	2026-01-22 09:45:12 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 167.253.48.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 167.253.48.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 04:45:08.697251 2026] [security2:error] [pid 8408:tid 8408] [client 167.253.48.62:21103] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|admin.turedinmobiliaria.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "admin.turedinmobiliaria.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXHxpCKXJ099HsWdTe_nhAAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-20 19:34:12 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.20 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.20 is noted in report timestamp show less	Hacking Brute-Force
🇺🇦 URAN Publishing Service	2026-01-16 06:16:37 (4 months ago)	167.253.48.62 - - [16/Jan/2026:08:16:35 +0200] "GET /wp-login.php HTTP/1.1" 404 335 "https://www.goo ... show more 167.253.48.62 - - [16/Jan/2026:08:16:35 +0200] "GET /wp-login.php HTTP/1.1" 404 335 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 167.253.48.62 - - [16/Jan/2026:08:16:36 +0200] "GET /wp-login.php HTTP/1.1" 404 335 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Web App Attack
🇵🇱 sefinek.net	2026-01-14 13:26:55 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /genshin-stella-mod UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12.5; rv:114.0) Gecko/20100101 Firefox/114.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇵🇱 sefinek.net	2025-12-20 17:31:00 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-16 17:53:30 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 167.253.48.62 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 167.253.48.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 16 12:53:25.122848 2025] [security2:error] [pid 4977:tid 4977] [client 167.253.48.62:13387] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|amoriotech.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "amoriotech.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aUGclVQ3ijVast30mXJxnwAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-12-12 01:35:03 (5 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 fbarela	2025-11-12 05:00:33 (6 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 189.37.22.149

🇳🇱 172.71.99.44

🇺🇸 166.62.41.190

🇻🇳 160.250.132.165

🇩🇪 139.19.117.129

🇨🇳 124.174.92.23

🇩🇪 109.91.4.177

🇷🇴 92.118.39.236

🇺🇸 23.26.246.235

🇺🇸 2607:f8b0:4001:c2b::12a

🇬🇷 185.44.145.1

🇳🇱 172.70.46.87

🇳🇱 162.159.113.102

🇺🇸 84.37.180.102

🇨🇳 60.247.168.204

🇬🇧 35.203.210.172

🇷🇴 2.57.121.112

🇨🇳 220.181.108.147

🇦🇫 149.54.62.114

🇳🇬 98.97.79.139