JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.248.4.164

178.248.4.164 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 71%: ?

71%

ISP	Consumer Internet Cooperative PG-19
Usage Type	Fixed Line ISP
ASN	AS60246
Domain Name	pg19.ru
Country	🇷🇺 Russian Federation
City	Taganrog, Rostov

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.248.4.164

Whois 178.248.4.164

IP Abuse Reports for 178.248.4.164:

This IP address has been reported a total of 20 times from 16 distinct sources. 178.248.4.164 was first reported on January 31st 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Mangelot Hosting	2026-06-08 01:59:34 (6 days ago)	(wp_login_try) srv101 WP Login Attempt 178.248.4.164 (RU/Russia/-): 10 in the last 3600 secs; Ports: ... show more (wp_login_try) srv101 WP Login Attempt 178.248.4.164 (RU/Russia/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇬🇧 noise.agency	2026-06-08 01:58:49 (6 days ago)	(wordpress) Failed wordpress login from 178.248.4.164 (RU/Russia/-)	Brute-Force
🇨🇿 plzenskypruvodce.cz	2026-06-08 01:44:53 (6 days ago)	2026-06-08T03:44:51.899790+02:00 web wordpress(varhanykolin.cz)[1117953]: Immediately block connecti ... show more 2026-06-08T03:44:51.899790+02:00 web wordpress(varhanykolin.cz)[1117953]: Immediately block connections from 178.248.4.164 ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-08 01:44:15 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 178.248.4.164 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.248.4.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:44:08.891322 2026] [security2:error] [pid 6686:tid 6686] [client 178.248.4.164:50904] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pulleasy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pulleasy.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiYeaAfxxH_OfbK5qEHIWQAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 01:01:59 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 178.248.4.164 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.248.4.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:01:55.158765 2026] [security2:error] [pid 26829:tid 26829] [client 178.248.4.164:52296] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|terrageosynthetics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "terrageosynthetics.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiYUgzuO1WjQFhMX13U10QAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 23:13:11 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 178.248.4.164 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.248.4.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:13:07.826220 2026] [security2:error] [pid 9788:tid 9788] [client 178.248.4.164:52606] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.intelerium.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.intelerium.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiX7A0XOiCYPo4GSN77vtwAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-07 22:00:58 (6 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 abdubhai	2026-06-07 19:46:50 (6 days ago)	178.248.4.164 - - [08/Jun/2026:0 ...	Brute-Force
🇩🇪 LRob.fr	2026-06-07 18:30:03 (6 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 oralunal	2026-06-07 17:21:42 (6 days ago)	IP banned by Fail2Ban in jail its-suss access.log mvfnds ...	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 17:19:40 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 178.248.4.164 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.248.4.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:19:35.841519 2026] [security2:error] [pid 1784:tid 1784] [client 178.248.4.164:52248] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|vintageamptubes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vintageamptubes.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiWoJ19b0lmVN74il8xbUQAAABM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-06-07 16:55:04 (6 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2026-06-07 16:41:28 (6 days ago)	178.248.4.164 - - [08/Jun/2026:00:41:28 +0800] "POST /xmlrpc.php HTTP/1.1" 200 30686 "-" "Apache-Htt ... show more 178.248.4.164 - - [08/Jun/2026:00:41:28 +0800] "POST /xmlrpc.php HTTP/1.1" 200 30686 "-" "Apache-HttpClient/4.5.13 (Java/21.0.7)" ... show less	Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-07 16:24:00 (6 days ago)	Blocked by CSF 13 firewall - Rule: WPLOGIN RU/Russia/-	Web App Attack
🇬🇧 masterguru	2026-06-07 16:09:38 (1 week ago)	WordPress: User enumeration. Pattern match "(author\\\\= (88030-185)	Hacking

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 152.32.209.166

🇨🇳 120.232.0.21

🇨🇳 106.38.205.224

🇳🇬 102.91.93.17

🇲🇽 98.98.33.36

🇳🇱 91.92.40.11

🇫🇷 85.217.140.3

🇮🇹 83.224.177.45

🇧🇷 45.205.1.243

🇨🇳 221.12.37.6

🇬🇧 193.163.125.203

🇮🇶 185.166.25.150

🇺🇸 185.61.219.128

🇧🇩 182.48.68.82

🇮🇹 172.253.13.155

🇮🇳 154.84.242.115

🇻🇳 103.7.41.117

🇻🇳 14.225.7.70

🇷🇺 2.63.211.145

🇧🇷 179.83.134.101