JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.128.39.215

45.128.39.215 was found in our database!

This IP was reported 127 times. Confidence of Abuse is 46%: ?

46%

ISP	M247 LTD Madrid Infrastructure
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Hostname(s)	webmail.workoutchronic.com
Domain Name	m247.com
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.128.39.215

Whois 45.128.39.215

IP Abuse Reports for 45.128.39.215:

This IP address has been reported a total of 127 times from 76 distinct sources. 45.128.39.215 was first reported on June 18th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 16:34:56 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 45.128.39.215 (webmail.workoutchronic.com): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 45.128.39.215 (webmail.workoutchronic.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 12:34:51.070024 2026] [security2:error] [pid 13204:tid 13204] [client 45.128.39.215:62457] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.128.39.215 (+1 hits since last alert)\|thesalonx.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thesalonx.com"] [uri "/xmlrpc.php"] [unique_id "ajlkK4rspZ5t9F3AP09efQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 SecureLinkSolutions	2026-06-18 04:32:10 (1 week ago)	Sending phising emails	Phishing
🇺🇸 xmission.com	2026-06-08 13:00:21 (2 weeks ago)	Blocked 39 connection attempts due to Spamhaus RBL (RJCT05) in the past 4 hours. To request delistin ... show more Blocked 39 connection attempts due to Spamhaus RBL (RJCT05) in the past 4 hours. To request delisting, visit https://www.spamhaus.org/lookup/ to check your IP status and submit a delist request if eligible. show less	Email Spam
🇳🇱 ATV	2026-06-01 03:00:06 (3 weeks ago)	Message rejected as phishing spam	Email Spam Hacking Phishing
🇫🇷 BULLSEYE	2026-06-01 02:06:02 (3 weeks ago)	Automated detection from Windows Firewall. Observed patterns: Top: TCP/25=5 (possible SMTP probing) ... show more Automated detection from Windows Firewall. Observed patterns: Top: TCP/25=5 (possible SMTP probing). Traffic characteristics strongly indicate automated scanning activity. show less	Port Scan Hacking
🇺🇸 vestibtech	2026-06-01 01:57:11 (3 weeks ago)	2026-05-31T19:57:10.488269-06:00 Host-KLAX-C amavis[111783]: (111783-07) Blocked SPAM {RejectedInbou ... show more 2026-05-31T19:57:10.488269-06:00 Host-KLAX-C amavis[111783]: (111783-07) Blocked SPAM {RejectedInbound}, AM.PDP-SOCK [45.128.39.215] [45.128.39.215] <[email protected]> -> <[email protected]>, Queue-ID: 1AC3A1BCD48, Message-ID: <[email protected]>, mail_id: UE3zJ0bdlvnN, Hits: 23.013, size: 8661, 4194 ms ... show less	Email Spam
🇩🇪 iNetWorker	2026-06-01 01:41:04 (3 weeks ago)	spam	Email Spam
🇺🇸 xmission.com	2026-06-01 01:07:44 (3 weeks ago)	Blocked 10 connection attempts due to Spamhaus RBL (RJCT05) in the past 4 hours. To request delistin ... show more Blocked 10 connection attempts due to Spamhaus RBL (RJCT05) in the past 4 hours. To request delisting, visit https://www.spamhaus.org/lookup/ to check your IP status and submit a delist request if eligible. show less	Email Spam
🇸🇰 KZP	2026-06-01 00:00:56 (3 weeks ago)	Automatic report from KZP firewall log.	Port Scan Hacking Brute-Force
🇳🇱 Cloud86 B.V.	2026-05-31 23:52:05 (3 weeks ago)	categories: Email Spam	Email Spam
🇪🇸 librebit	2026-05-16 04:22:13 (1 month ago)	Listed IP in blacklist by postfix/dnsblog	Spoofing
🇲🇹 Malta	2026-05-16 03:15:41 (1 month ago)	45.128.39.215 - - [16/May/2026:05:15:40 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 45.128.39.215 - - [16/May/2026:05:15:40 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇨🇭 Origon	2026-05-15 14:10:52 (1 month ago)	NOQUEUE - IP: 45.128.39.215 - May 15 16:10:51 plesk postfix/smtpd[1264313]: NOQUEUE: reject: RCPT f ... show more NOQUEUE - IP: 45.128.39.215 - May 15 16:10:51 plesk postfix/smtpd[1264313]: NOQUEUE: reject: RCPT from unknown[45.128.39.215]: 554 5.7.1 Service unavailable; Client host [45.128.39.215] blocked using dnsbl-3.uceprotect.net; Your ISP M247, RO/AS9009 is UCEPROTECT-Level3 listed because of a spamscore of 53. See: http://www.uceprotect.net/rblcheck.php?ipr=45.128.39.215; from=<[email protected]> to=<REDACTED@REDACTED> proto=ESMTP helo=<microsoft.com> show less	Email Spam
Anonymous	2026-02-27 13:52:19 (3 months ago)	wordpress-trap	Web App Attack
🇺🇸 ambor	2026-02-01 08:16:02 (4 months ago)	Honeypot triggered on tcpdata.com - Attempted to access /xmlrpc.php (wordpress_xmlrpc). User-Agent: ... show more Honeypot triggered on tcpdata.com - Attempted to access /xmlrpc.php (wordpress_xmlrpc). User-Agent: Apache-HttpClient/4.5.13 (Java/11.0.29) show less	Web App Attack

Showing 1 to 15 of 127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.124

🇫🇮 147.185.133.191

🇯🇵 141.147.177.121

🇵🇱 89.186.21.118

🇺🇸 71.6.134.237

🇺🇸 66.132.172.185

🇺🇸 65.49.1.10

🇮🇳 52.140.124.214

🇺🇸 47.77.233.21

🇫🇮 31.56.204.231

🇨🇦 20.63.68.41

🇸🇪 185.246.130.20

🇫🇷 173.212.228.15

🇺🇸 162.216.149.84

🇳🇱 157.245.72.96

🇺🇸 91.230.168.177

🇺🇸 91.230.168.87

🇫🇷 90.119.134.234

🇫🇷 85.217.140.12

🇱🇹 62.60.130.219