AbuseIPDB » 178.222.94.229
178.222.94.229
This IP was reported 9 times. Confidence of
Abuse
is 43% : ?
ISP
TELEKOM SRBIJA, ADSL users
Usage Type
Fixed Line ISP
ASN
AS8400
Hostname(s)
178-222-94-229.dynamic.isp.telekom.rs
Domain Name
mts.rs
Country
๐ท๐ธ
Serbia
City
Kragujevac, Central Serbia
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 178.222.94.229 :
This IP address has been reported a total of
9
times from
6 distinct
sources.
178.222.94.229 was first reported on
June 14th 2026 , and the most recent report was
1 day ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
2026-06-15 13:45:06
(1 day ago)
(wordpress) Failed wordpress login from 178.222.94.229 (RS/Serbia/178-222-94-229.dynamic.isp.telekom ...
show more
(wordpress) Failed wordpress login from 178.222.94.229 (RS/Serbia/178-222-94-229.dynamic.isp.telekom.rs)
show less
Brute-Force
๐ฉ๐ช
rh24
2026-06-15 13:44:32
(1 day ago)
(wordpress) Failed wordpress login from 178.222.94.229 (RS/Serbia/178-222-94-229.dynamic.isp.telekom ...
show more
(wordpress) Failed wordpress login from 178.222.94.229 (RS/Serbia/178-222-94-229.dynamic.isp.telekom.rs): (CF_ENABLE)
show less
Brute-Force
๐ซ๐ท
dynamix
2026-06-15 12:00:43
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-14 22:38:35
(1 day ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 18:30:06
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.222.94.229 (178-222-94-229.dynamic.isp.tele ...
show more
(mod_security) mod_security (id:240335) triggered by 178.222.94.229 (178-222-94-229.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 14:30:01.728742 2026] [security2:error] [pid 31841:tid 31841] [client 178.222.94.229:59081] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.222.94.229 (+1 hits since last alert)|nordicbuilders.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nordicbuilders.net"] [uri "/xmlrpc.php"] [unique_id "ai7zKW0W2uxs4U0NQxZMIgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 16:20:26
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 178.222.94.229 (178-222-94-229.dynamic.isp.tele ...
show more
(mod_security) mod_security (id:240335) triggered by 178.222.94.229 (178-222-94-229.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 12:20:20.234462 2026] [security2:error] [pid 23086:tid 23086] [client 178.222.94.229:34739] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.222.94.229 (+1 hits since last alert)|silalaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "silalaw.com"] [uri "/xmlrpc.php"] [unique_id "ai7UxPns5OK0lpP2i7NcPgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 15:48:50
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 178.222.94.229 (178-222-94-229.dynamic.isp.tele ...
show more
(mod_security) mod_security (id:240335) triggered by 178.222.94.229 (178-222-94-229.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 11:48:45.071119 2026] [security2:error] [pid 598:tid 667] [client 178.222.94.229:61806] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.222.94.229 (+1 hits since last alert)|rawhabitat.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rawhabitat.com"] [uri "/xmlrpc.php"] [unique_id "ai7NXbXyJNNAC-CmWXr80gAAAdI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2026-06-14 15:44:10
(2 days ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-14 11:28:57
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 178.222.94.229 (178-222-94-229.dynamic.isp.tele ...
show more
(mod_security) mod_security (id:225170) triggered by 178.222.94.229 (178-222-94-229.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 07:28:50.888397 2026] [security2:error] [pid 4071:tid 4071] [client 178.222.94.229:61672] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||astglobaltech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "astglobaltech.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai6QcnhqAqc8GlzvdiOu4AAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: