AbuseIPDB » 2804:14d:7890:5e4a:869f:16b:fa9a:a819

2804:14d:7890:5e4a:869f:16b:fa9a:a819 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 36%: ?

36%

Important Note: Public IPv6 addresses may implement the SLAAC privacy extension. With this, the interface identifier is randomly generated. The SLAAC privacy extension also implements a time out, which is configurable, so that the IPv6 interface addresses will be discarded and a new interface identifier is generated.

ISP	Claro NXT Telecomunicacoes Ltda
Usage Type	Mobile ISP
ASN	AS28573
Domain Name	claro.com.br
Country	Brazil
City	Santo Andre, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 2804:14d:7890:5e4a:869f:16b:fa9a:a819

Whois 2804:14d:7890:5e4a:869f:16b:fa9a:a819

IP Abuse Reports for 2804:14d:7890:5e4a:869f:16b:fa9a:a819:

This IP address has been reported a total of 27 times from 10 distinct sources. 2804:14d:7890:5e4a:869f:16b:fa9a:a819 was first reported on February 21st 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
TPI-Abuse	2025-06-04 07:38:17 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown) ... show more(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 04 03:38:10.918059 2025] [security2:error] [pid 1004080:tid 1004080] [client 2804:14d:7890:5e4a:869f:16b:fa9a:a819:61704] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|major33.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "major33.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aD_34hIu0jxqB1hObXhSqQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-03 23:56:47 (1 week ago)	(wordpress) Failed wordpress login from 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (BR/Brazil/São Paulo/ ... show more(wordpress) Failed wordpress login from 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (BR/Brazil/São Paulo/Santo André/-/[redacted]) show less	Brute-Force
stinpriza	2025-06-03 01:40:57 (1 week ago)	(XMLRPC) WP XMLPRC Attack 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (BR/Brazil/-): 1 in the last 3600 se ... show more(XMLRPC) WP XMLPRC Attack 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (BR/Brazil/-): 1 in the last 3600 secs show less	Web App Attack
TPI-Abuse	2025-06-02 02:27:40 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown) ... show more(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 22:27:36.738966 2025] [security2:error] [pid 3867250:tid 3867265] [client 2804:14d:7890:5e4a:869f:16b:fa9a:a819:53246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|abusaimeh.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "abusaimeh.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aD0MGNzpwklYdU8Z7pLGSwAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-05-30 02:15:38 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown) ... show more(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 22:15:31.782068 2025] [security2:error] [pid 3523823:tid 3523823] [client 2804:14d:7890:5e4a:869f:16b:fa9a:a819:58303] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|takemehomedogrescue.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "takemehomedogrescue.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aDkUwxw_eg_cBladtUKhgAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
LRob.fr	2025-05-29 01:15:16 (2 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
vestibtech	2025-05-25 05:37:06 (2 weeks ago)	2804:14d:7890:5e4a:869f:16b:fa9a:a819 - - [24/May/2025:23:37:05 -0600] "POST /xmlrpc.php HTTP/1.1" 4 ... show more2804:14d:7890:5e4a:869f:16b:fa9a:a819 - - [24/May/2025:23:37:05 -0600] "POST /xmlrpc.php HTTP/1.1" 404 10595 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Web App Attack
TPI-Abuse	2025-05-22 00:05:13 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown) ... show more(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 21 20:05:06.542222 2025] [security2:error] [pid 1829141:tid 1829141] [client 2804:14d:7890:5e4a:869f:16b:fa9a:a819:53534] [client 2804:14d:7890:5e4a:869f:16b:fa9a:a819] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|amplifihearing.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "amplifihearing.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aC5qMkuT_mmgSAwo7qPufQAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
LRob.fr	2025-05-21 00:00:12 (3 weeks ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
stinpriza	2025-05-09 02:23:21 (1 month ago)	(XMLRPC) xmlrpc banned 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (BR/Brazil/-): 1 in the last 3600 secs	Web App Attack
TPI-Abuse	2025-05-08 23:47:55 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown) ... show more(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 08 19:47:49.622132 2025] [security2:error] [pid 2035859:tid 2035859] [client 2804:14d:7890:5e4a:869f:16b:fa9a:a819:58743] [client 2804:14d:7890:5e4a:869f:16b:fa9a:a819] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sharonmauldin.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sharonmauldin.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aB1CpQPk810_ylz355kSXQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Swiptly	2025-05-08 02:23:16 (1 month ago)	WordPress xmlrpc spam or enumeration ...	Web Spam Bad Web Bot Web App Attack
Anonymous	2025-05-07 23:55:56 (1 month ago)	SuspiciousC2 Activity detected by FMBAD System 2025-05-08 02:55:55	Hacking Bad Web Bot Web App Attack
akac	2025-04-19 05:01:38 (1 month ago)	Web vulnerability scanning: HTTP/1.1 POST /xmlrpc.php	Hacking Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-04-18 17:13:44 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown) ... show more(mod_security) mod_security (id:225170) triggered by 2804:14d:7890:5e4a:869f:16b:fa9a:a819 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 18 13:13:37.874940 2025] [security2:error] [pid 21841:tid 21841] [client 2804:14d:7890:5e4a:869f:16b:fa9a:a819:61318] [client 2804:14d:7890:5e4a:869f:16b:fa9a:a819] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|nuewines.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nuewines.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aAKIQZjYHxwhCQPtiuD1bgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

18.214.124.6

103.186.1.172

108.165.238.133

8.216.66.154

162.216.149.176

196.251.70.185

205.210.31.227

92.118.39.34

193.163.125.6

210.236.249.126

104.223.120.159

195.178.110.160

64.33.82.254

117.139.200.157

47.180.114.229

45.39.54.227

107.172.243.131

196.251.92.11

102.39.177.50

27.40.100.155