JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 155.117.99.52

155.117.99.52 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 42%: ?

42%

ISP	Brander Group Inc
Usage Type	Data Center/Web Hosting/Transit
ASN	AS50049
Domain Name	brandergroup.net
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 155.117.99.52

Whois 155.117.99.52

IP Abuse Reports for 155.117.99.52:

This IP address has been reported a total of 12 times from 6 distinct sources. 155.117.99.52 was first reported on June 29th 2026, and the most recent report was 55 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 screwlooseit.com.au	2026-06-30 15:46:11 (55 minutes ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-30 13:14:58 (3 hours ago)	(mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:14:53.002932 2026] [security2:error] [pid 8860:tid 8860] [client 155.117.99.52:43746] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 155.117.99.52 (+1 hits since last alert)\|boaredraven.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "boaredraven.com"] [uri "/xmlrpc.php"] [unique_id "akPBTMYXQv_tRfP6hVsOSAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-30 10:11:06 (6 hours ago)	(mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 06:10:58.543438 2026] [security2:error] [pid 13563:tid 13591] [client 155.117.99.52:19724] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 155.117.99.52 (+1 hits since last alert)\|mysticscon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mysticscon.com"] [uri "/xmlrpc.php"] [unique_id "akOWMvSRYEe5Qz0hVnuVRwAAANc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-30 10:08:34 (6 hours ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 18:45:07 (21 hours ago)	(mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 14:44:59.579968 2026] [security2:error] [pid 1128:tid 1152] [client 155.117.99.52:62020] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 155.117.99.52 (+1 hits since last alert)\|minutosrobados.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "minutosrobados.com"] [uri "/xmlrpc.php"] [unique_id "akK9K2KOonmc1lIkdkm0mgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 16:53:10 (23 hours ago)	(mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 12:53:06.037634 2026] [security2:error] [pid 4821:tid 4821] [client 155.117.99.52:34575] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 155.117.99.52 (+1 hits since last alert)\|yerevanpress.am\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yerevanpress.am"] [uri "/xmlrpc.php"] [unique_id "akKi8ndJZ39zRTg0J5BnEQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 10:29:31 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:29:28.084676 2026] [security2:error] [pid 14967:tid 14967] [client 155.117.99.52:9855] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 155.117.99.52 (+1 hits since last alert)\|jessicalevant.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jessicalevant.com"] [uri "/xmlrpc.php"] [unique_id "akJJCLBoaoE3ys9jIloMeQAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-29 07:25:03 (1 day ago)	(wordpress) Failed wordpress login from 155.117.99.52 (-)	Brute-Force
🇫🇷 masterguru	2026-06-29 06:53:17 (1 day ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇦🇺 screwlooseit.com.au	2026-06-29 05:22:17 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC US/United States/-	Web App Attack
🇩🇪 abdubhai	2026-06-29 04:19:43 (1 day ago)	155.117.99.52 - - [29/Jun/2026:0 ...	Brute-Force
🇺🇸 TPI-Abuse	2026-06-29 03:20:20 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 155.117.99.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 23:20:12.797846 2026] [security2:error] [pid 21056:tid 21056] [client 155.117.99.52:7598] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 155.117.99.52 (+1 hits since last alert)\|palumbodesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "palumbodesigns.com"] [uri "/xmlrpc.php"] [unique_id "akHkbGiykIiZu4_JKTu_vgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 193.36.225.36

🇺🇸 167.172.17.188

🇳🇱 103.161.34.59

🇺🇸 199.195.254.215

🇺🇸 184.105.247.235

🇷🇺 168.222.140.242

🇮🇳 103.55.89.5

🇹🇷 95.70.202.191

🇳🇱 81.19.216.112

🇺🇸 66.132.195.47

🇨🇦 57.134.215.133

🇨🇱 45.237.132.132

🇳🇱 45.148.10.141

🇮🇳 45.123.110.70

🇮🇳 43.225.73.108

🇺🇸 23.23.212.212

🇷🇴 2.57.122.150

🇨🇳 218.59.201.12

🇺🇸 208.109.38.65

🇳🇱 195.178.110.137