JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.241.68.77

152.241.68.77 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 54%: ?

54%

ISP	TELEFÔNICA BRASIL S.A
Usage Type	Fixed Line ISP
ASN	AS26599
Hostname(s)	152-241-68-77.user.vivozap.com.br
Domain Name	telefonica.com.br
Country	🇧🇷 Brazil
City	Recife, Pernambuco

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.241.68.77

Whois 152.241.68.77

IP Abuse Reports for 152.241.68.77:

This IP address has been reported a total of 14 times from 9 distinct sources. 152.241.68.77 was first reported on June 4th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-10 22:26:59 (1 day ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 05:04:56 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.b ... show more (mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 01:04:52.800370 2026] [security2:error] [pid 28293:tid 28319] [client 152.241.68.77:64571] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 152.241.68.77 (+1 hits since last alert)\|artmarialeon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artmarialeon.com"] [uri "/xmlrpc.php"] [unique_id "aijwdGCPUOialqSlHTDxZgAAAVc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 18:32:32 (2 days ago)	Fail2ban filtered ...	Web App Attack
Anonymous	2026-06-09 18:02:44 (2 days ago)	(wordpress) Failed wordpress login from 152.241.68.77 (BR/Brazil/152-241-68-77.user.vivozap.com.br)	Brute-Force
Anonymous	2026-06-09 09:06:06 (2 days ago)	Trying to access config files	Web App Attack
Anonymous	2026-06-09 06:03:13 (2 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 03:15:41 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.b ... show more (mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:15:36.031878 2026] [security2:error] [pid 7527:tid 7527] [client 152.241.68.77:51148] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 152.241.68.77 (+1 hits since last alert)\|konahawaiirealty.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "konahawaiirealty.com"] [uri "/xmlrpc.php"] [unique_id "aieFWDPZ-rzhztBTiM_VVgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-09 02:23:22 (3 days ago)	Wordpress Vunerability attack	Web App Attack
Anonymous	2026-06-05 12:28:43 (6 days ago)	[server.tmg.gr] httpd-xmlrpc-post: sites=aegeanpvdforum.com; logs=/var/log/httpd/domains/aegeanpvdfo ... show more [server.tmg.gr] httpd-xmlrpc-post: sites=aegeanpvdforum.com; logs=/var/log/httpd/domains/aegeanpvdforum.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
Anonymous	2026-06-04 22:41:13 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 20:03:50 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.b ... show more (mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 16:03:45.511449 2026] [security2:error] [pid 10875:tid 10875] [client 152.241.68.77:50077] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 152.241.68.77 (+1 hits since last alert)\|zerotaxlab.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "zerotaxlab.com"] [uri "/xmlrpc.php"] [unique_id "aiHaIfhuLD1V2UYI1awYSQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 12:30:31 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.b ... show more (mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:30:27.447930 2026] [security2:error] [pid 2547:tid 2547] [client 152.241.68.77:56184] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 152.241.68.77 (+1 hits since last alert)\|magnoliahillproductions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "magnoliahillproductions.com"] [uri "/xmlrpc.php"] [unique_id "aiFv4wLa6LVFzkgDlY8TYAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-04 12:08:03 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 09:36:10 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.b ... show more (mod_security) mod_security (id:240335) triggered by 152.241.68.77 (152-241-68-77.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 05:36:06.330422 2026] [security2:error] [pid 28418:tid 28418] [client 152.241.68.77:59717] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 152.241.68.77 (+1 hits since last alert)\|3beeze.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "3beeze.com"] [uri "/xmlrpc.php"] [unique_id "aiFHBo-lXmwYjAWrxfnIpAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 194.187.179.9

🇧🇷 138.99.80.102

🇺🇸 43.135.135.17

🇬🇧 35.203.211.108

🇺🇸 34.150.142.107

🇦🇺 209.38.82.158

🇵🇱 185.241.208.20

🇧🇷 152.32.199.112

🇦🇷 148.227.69.14

🇨🇳 116.179.32.133

🇨🇳 111.20.145.238

🇺🇸 91.230.168.127

🇳🇱 45.148.10.152

🇺🇸 45.33.109.17

🇭🇰 43.242.203.160

🇬🇧 37.10.113.213

🇧🇪 35.241.239.102

🇬🇧 35.203.210.18

🇻🇳 14.248.82.157

🇱🇰 220.247.224.226