JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.175.148.155

178.175.148.155 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 70%: ?

70%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Trabia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS43289
Domain Name	trabia.com
Country	🇲🇩 Moldova (the Republic of)
City	Chisinau, Chisinau Municipality

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.175.148.155

Whois 178.175.148.155

IP Abuse Reports for 178.175.148.155:

This IP address has been reported a total of 144 times from 66 distinct sources. 178.175.148.155 was first reported on May 6th 2021, and the most recent report was 34 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-07 22:56:11 (34 minutes ago)	(mod_security) mod_security (id:225170) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:56:03.145520 2026] [security2:error] [pid 335:tid 335] [client 178.175.148.155:26330] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|areafinancieratf.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "areafinancieratf.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiX3A2neQnSYHoQQfOiWngAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 netclix.gr	2026-06-06 15:55:24 (1 day ago)	(bot_qv) Bot Scraping QuickView 178.175.148.155 (MD/Moldova/-): 1 in the last 4600 secs; Ports: ; D ... show more (bot_qv) Bot Scraping QuickView 178.175.148.155 (MD/Moldova/-): 1 in the last 4600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 178.175.148.155 - - [06/Jun/2026:18:55:08 +0300] "GET /index.php?dispatch=products.quick_view&product_id=16054&prev_url=index.php%3Fdispatch%3Dcategories.view%26category_id%3D297%26page%3D8&n_items=16077%2C16068%2C16057%2C16056%2C16055%2C16054%2C16053%2C16052%2C16043%2C16042%2C16041%2C16040 HTTP/1.1" 302 5 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com)" show less	Port Scan
🇦🇺 oncord	2026-06-05 23:41:53 (1 day ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-05-31 11:52:46 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 07:52:39.857308 2026] [security2:error] [pid 22531:tid 22607] [client 178.175.148.155:53962] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|icbc-canada.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "icbc-canada.com"] [uri "/dump.sql"] [unique_id "ahwhB02930fQGabHBg-JOAAAAJA"], referer: icbc-canada.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-31 09:32:24 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 05:32:20.248937 2026] [security2:error] [pid 28763:tid 28763] [client 178.175.148.155:12750] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vexxarr.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vexxarr.com"] [uri "/dump.sql"] [unique_id "ahwAJPw7nCbJ-zAle8j4-AAAACA"], referer: vexxarr.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Ar1s	2026-05-31 03:34:40 (1 week ago)	[1:2522000] ET TOR Known Tor Relay/Router (Not Exit) Node Traffic ::: Port: 443/TCP	Exploited Host
🇺🇸 TPI-Abuse	2026-05-29 12:59:42 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 08:59:36.567947 2026] [security2:error] [pid 4077:tid 4077] [client 178.175.148.155:26198] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|stormstrips.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "stormstrips.com"] [uri "/dump.sql"] [unique_id "ahmNuNc0S7JZUsE8hhF9mwAAAAk"], referer: stormstrips.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-29 10:43:23 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 06:43:17.725530 2026] [security2:error] [pid 29357:tid 29357] [client 178.175.148.155:25574] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.canonflorida.com.computersraleigh.com"] [uri "/.git/config"] [unique_id "ahltxTZmEJORUolh9_pyugAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 17:21:08 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 13:21:04.960436 2026] [security2:error] [pid 4712:tid 4712] [client 178.175.148.155:62342] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|blc2.co\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "blc2.co"] [uri "/dump.sql"] [unique_id "ahh5gEzeJ75F3YfSYG8ekQAAADU"], referer: blc2.co/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-05-27 18:41:33 (1 week ago)	(plesk-panel) Failed plesk-panel login with username [redacted] from 178.175.148.155 (MD/Moldova/-/- ... show more (plesk-panel) Failed plesk-panel login with username [redacted] from 178.175.148.155 (MD/Moldova/-/-/-) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-05-27 11:16:13 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 07:16:05.668245 2026] [security2:error] [pid 14722:tid 14722] [client 178.175.148.155:10758] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|towlefarmcommunity.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "towlefarmcommunity.org"] [uri "/dump.sql"] [unique_id "ahbSdU0lcYucPEXnca5VYAAAAAQ"], referer: towlefarmcommunity.org/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 07:29:30 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 03:29:22.550999 2026] [security2:error] [pid 7471:tid 7471] [client 178.175.148.155:19862] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|oowoah.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "oowoah.com"] [uri "/dump.sql"] [unique_id "ahadUinpmESFYiNT1MvYbwAAAAY"], referer: oowoah.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2026-05-27 06:04:07 (1 week ago)	(From [email protected]) dlfp11	Phishing Web Spam
🇦🇺 oncord	2026-05-26 23:07:09 (1 week ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-05-26 10:13:16 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 178.175.148.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 06:13:09.503481 2026] [security2:error] [pid 24447:tid 24463] [client 178.175.148.155:30234] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|accreditedprojectmanager.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "accreditedprojectmanager.com"] [uri "/dump.sql"] [unique_id "ahVyNcxtOCz-ShDxZo2cvgAAAUw"], referer: accreditedprojectmanager.com/dump.sql show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 118.193.61.170

🇹🇭 61.7.159.134

🇳🇱 45.148.10.121

🇨🇳 118.145.237.236

🇨🇦 57.134.215.133

🇳🇱 45.128.199.185

🇹🇳 41.228.240.206

🇨🇳 202.46.62.11

🇲🇦 160.177.249.65

🇯🇵 119.150.216.7

🇮🇩 112.78.133.162

🇰🇷 58.224.62.29

🇮🇳 38.137.59.10

🇹🇷 31.145.114.35

🇺🇸 2607:f8b0:4001:c34::123

🇺🇸 217.216.84.206

🇺🇸 205.210.31.102

🇹🇼 198.235.24.48

🇨🇱 190.5.34.185

🇹🇳 154.110.4.241