JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 122.3.145.254

122.3.145.254 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 56%: ?

56%

ISP	IPG
Usage Type	Fixed Line ISP
ASN	AS9299
Hostname(s)	mail.kflmanpoweragency.com
Domain Name	pldthome.com
Country	🇵🇭 Philippines
City	Quezon City, National Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 122.3.145.254

Whois 122.3.145.254

IP Abuse Reports for 122.3.145.254:

This IP address has been reported a total of 27 times from 15 distinct sources. 122.3.145.254 was first reported on March 6th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-06 08:02:00 (6 hours ago)	(mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 04:01:56.142854 2026] [security2:error] [pid 16625:tid 16625] [client 122.3.145.254:52900] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 122.3.145.254 (+1 hits since last alert)\|gegkal.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gegkal.com"] [uri "/xmlrpc.php"] [unique_id "aiPT9Fe8_S4X5GrwdjSX7wAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-06 00:17:10 (13 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
Anonymous	2026-06-05 07:11:54 (1 day ago)		Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 03:29:56 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 23:29:50.785651 2026] [security2:error] [pid 31470:tid 31478] [client 122.3.145.254:65071] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 122.3.145.254 (+1 hits since last alert)\|whatismetamodern.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whatismetamodern.com"] [uri "/xmlrpc.php"] [unique_id "aiJCrjYUW8anbJWQggbB1QAAAUU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-06-05 02:25:06 (1 day ago)		Web App Attack
Anonymous	2026-06-05 00:47:03 (1 day ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
Anonymous	2026-06-01 07:27:51 (5 days ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (30/60 min)'; Requests=30	Port Scan
Anonymous	2026-05-28 00:22:14 (1 week ago)	Attac	Brute-Force
Anonymous	2026-05-22 05:26:23 (2 weeks ago)	Attac	Brute-Force
Anonymous	2026-05-18 00:46:13 (2 weeks ago)	Attac	Brute-Force
🇨🇿 huginet	2026-05-13 05:48:51 (3 weeks ago)	122.3.145.254 - - [13/May/2026:07:48:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by W ... show more 122.3.145.254 - - [13/May/2026:07:48:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Jetpack by WordPress.com" 122.3.145.254 - - [13/May/2026:07:48:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "WordPress.com; https://wordpress.com" ... show less	Web Spam Blog Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-13 04:12:34 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 13 00:12:30.668655 2026] [security2:error] [pid 26384:tid 26384] [client 122.3.145.254:61104] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 122.3.145.254 (+1 hits since last alert)\|avvmarchetticollini.it\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avvmarchetticollini.it"] [uri "/xmlrpc.php"] [unique_id "agP6Ltbvwrl-9xKmcYoonAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-05-07 06:37:48 (4 weeks ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 04:03:36 (4 weeks ago)	(mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 00:03:30.390010 2026] [security2:error] [pid 12138:tid 12138] [client 122.3.145.254:57493] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 122.3.145.254 (+1 hits since last alert)\|fundaciondamashcc.org.ec\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundaciondamashcc.org.ec"] [uri "/xmlrpc.php"] [unique_id "afwPEos6-mZM4TF9IJQnkgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 01:30:47 (4 weeks ago)	(mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 122.3.145.254 (mail.kflmanpoweragency.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 21:30:43.480559 2026] [security2:error] [pid 374:tid 374] [client 122.3.145.254:65252] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 122.3.145.254 (+1 hits since last alert)\|marklex.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "marklex.com"] [uri "/xmlrpc.php"] [unique_id "afvrQ51P0QhrBQNLrg6E0AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.111.170

🇫🇮 147.185.133.34

🇻🇳 113.181.44.91

🇧🇷 45.229.1.24

🇦🇷 43.229.9.247

🇷🇴 2.57.121.25

🇮🇷 185.218.139.36

🇨🇳 121.224.115.232

🇳🇱 45.148.10.152

🇺🇸 18.246.76.132

🇫🇷 185.177.72.69

🇨🇳 182.54.23.213

🇺🇸 172.217.46.83

🇺🇸 162.216.150.16

🇻🇳 113.182.26.156

🇮🇩 103.175.225.238

🇧🇷 45.38.89.91

🇻🇳 123.21.199.9

🇨🇳 27.28.228.23

🇺🇸 162.216.149.41