JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 167.56.104.146

167.56.104.146 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 44%: ?

44%

ISP	Administracion Nacional de Telecomunicaciones
Usage Type	Fixed Line ISP
ASN	AS6057
Hostname(s)	r167-56-104-146.dialup.adsl.anteldata.net.uy
Domain Name	antel.com.uy
Country	🇺🇾 Uruguay
City	Montevideo, Montevideo Department

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 167.56.104.146

Whois 167.56.104.146

IP Abuse Reports for 167.56.104.146:

This IP address has been reported a total of 11 times from 7 distinct sources. 167.56.104.146 was first reported on December 10th 2025, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-03 08:03:33 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 167.56.104.146 (r167-56-104-146.dialup.adsl.ant ... show more (mod_security) mod_security (id:225170) triggered by 167.56.104.146 (r167-56-104-146.dialup.adsl.anteldata.net.uy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 04:03:29.273804 2026] [security2:error] [pid 20368:tid 20383] [client 167.56.104.146:8021] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|emehache.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "emehache.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah_f0RMYOxV-ytdNErBikgAAAMw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 06:31:25 (19 hours ago)	(PERMBLOCK) 167.56.104.146 (UY/Uruguay/r167-56-104-146.dialup.adsl.anteldata.net.uy) has had more th ... show more (PERMBLOCK) 167.56.104.146 (UY/Uruguay/r167-56-104-146.dialup.adsl.anteldata.net.uy) has had more than 4 temp blocks show less	Hacking
Anonymous	2026-06-03 06:07:18 (19 hours ago)	(wordpress) Failed wordpress login from 167.56.104.146 (UY/Uruguay/r167-56-104-146.dialup.adsl.antel ... show more (wordpress) Failed wordpress login from 167.56.104.146 (UY/Uruguay/r167-56-104-146.dialup.adsl.anteldata.net.uy) show less	Brute-Force
🇨🇭 zynex	2026-06-03 03:34:54 (22 hours ago)	URL Probing: /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 21:35:38 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 167.56.104.146 (r167-56-104-146.dialup.adsl.ant ... show more (mod_security) mod_security (id:225170) triggered by 167.56.104.146 (r167-56-104-146.dialup.adsl.anteldata.net.uy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:35:31.721150 2026] [security2:error] [pid 11471:tid 11471] [client 167.56.104.146:45227] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|xyncom.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "xyncom.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah9Mo8XHSdH-cPwZQjsamwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-02 19:00:08 (1 day ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 16:29:30 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 167.56.104.146 (r167-56-104-146.dialup.adsl.ant ... show more (mod_security) mod_security (id:225170) triggered by 167.56.104.146 (r167-56-104-146.dialup.adsl.anteldata.net.uy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 12:29:24.920322 2026] [security2:error] [pid 2348:tid 2348] [client 167.56.104.146:2587] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|solarfarms.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "solarfarms.info"] [uri "/wp-json/wp/v2/users"] [unique_id "ah8E5BryyyU2q-yYVtswPwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-02 10:12:03 (1 day ago)	Unauthorized access to webpage admin	Web App Attack
🇬🇧 venus.launch.bz	2026-06-02 08:42:25 (1 day ago)	(wpscan) WordPress probe detected from 167.56.104.146 (UY/Uruguay/r167-56-104-146.dialup.adsl.anteld ... show more (wpscan) WordPress probe detected from 167.56.104.146 (UY/Uruguay/r167-56-104-146.dialup.adsl.anteldata.net.uy) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-02 04:42:39 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 167.56.104.146 (r167-56-104-146.dialup.adsl.ant ... show more (mod_security) mod_security (id:225170) triggered by 167.56.104.146 (r167-56-104-146.dialup.adsl.anteldata.net.uy): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 00:42:31.211529 2026] [security2:error] [pid 5789:tid 5789] [client 167.56.104.146:8696] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|georgegourmet.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "georgegourmet.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah5fNxb2xbt0S6523eOhWQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-10 09:43:01 (5 months ago)	botnet	DDoS Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.218.206.114

🇹🇭 203.172.247.18

🇮🇳 139.59.30.229

🇺🇸 40.77.167.56

🇺🇸 154.50.139.113

🇩🇪 104.248.130.89

🇺🇸 68.164.146.9

🇺🇸 65.49.1.175

🇳🇱 45.142.193.9

🇨🇳 223.112.202.188

🇺🇸 208.88.75.246

🇦🇷 181.28.90.224

🇸🇬 167.99.72.161

🇵🇰 154.198.98.4

🇺🇸 143.42.164.204

🇺🇸 142.93.196.155

🇺🇸 100.28.153.226

🇵🇱 80.49.158.68

🇺🇸 66.132.172.245

🇺🇸 65.49.1.153