JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.166.57.13

45.166.57.13 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 37%: ?

37%

ISP	TURBOO NET
Usage Type	Fixed Line ISP
ASN	AS264173
Domain Name	turboo.com.br
Country	🇧🇷 Brazil
City	Maceio, Alagoas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.166.57.13

Whois 45.166.57.13

IP Abuse Reports for 45.166.57.13:

This IP address has been reported a total of 21 times from 16 distinct sources. 45.166.57.13 was first reported on August 13th 2021, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-30 01:58:40 (1 hour ago)	(xmlrpc) Apache: Failed xmlrpc access from 45.166.57.13 (BR/Brazil/-): 10 in the last 3600 secs (0-2 ... show more (xmlrpc) Apache: Failed xmlrpc access from 45.166.57.13 (BR/Brazil/-): 10 in the last 3600 secs (0-201) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-29 22:39:53 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 18:39:46.103934 2026] [security2:error] [pid 2716:tid 2716] [client 45.166.57.13:62886] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.166.57.13 (+1 hits since last alert)\|airdriedrivingschool.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airdriedrivingschool.com"] [uri "/xmlrpc.php"] [unique_id "akL0MsMWGy8clQCcUwD1JAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-22 16:14:31 (1 week ago)	(wordpress) Failed wordpress login from 45.166.57.13 (BR/Brazil/-)	Brute-Force
🇫🇷 masterguru	2026-06-22 12:08:07 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇫🇮 YF	2026-05-20 02:05:57 (1 month ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
Anonymous	2026-05-19 21:40:13 (1 month ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-19 20:37:59 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 16:37:56.081088 2026] [security2:error] [pid 20986:tid 20986] [client 45.166.57.13:62123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.166.57.13 (+1 hits since last alert)\|mosheimlib.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mosheimlib.org"] [uri "/xmlrpc.php"] [unique_id "agzKJMhPIGEWdx9Fsx_3eQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-13 03:29:39 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 23:29:34.512661 2026] [security2:error] [pid 30877:tid 30911] [client 45.166.57.13:56208] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.166.57.13 (+1 hits since last alert)\|seriousgames-system.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seriousgames-system.info"] [uri "/xmlrpc.php"] [unique_id "agPwHvHuoJr2s4mJS2AMYgAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ipoac.nl	2026-05-12 23:09:17 (1 month ago)	2026-05-13T00:09:16.586218+01:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 45. ... show more 2026-05-13T00:09:16.586218+01:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 45.166.57.13 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 01:21:59 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 21:21:53.930738 2026] [security2:error] [pid 4521:tid 4521] [client 45.166.57.13:65412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|worshipconcert.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "worshipconcert.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agKAsUKPlAxARBUEPEzjwgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WellSpring	2026-05-11 22:26:17 (1 month ago)	xmlrpc exploit on 651.today/xmlrpc.php — WellSpr.ing/NetSentinel civic-AI security layer	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-05-11 20:49:16 (1 month ago)	3.797 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-11 19:55:06 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 45.166.57.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 15:54:58.474363 2026] [security2:error] [pid 1963:tid 1963] [client 45.166.57.13:65437] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.166.57.13 (+1 hits since last alert)\|prcomputersolutions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "prcomputersolutions.com"] [uri "/xmlrpc.php"] [unique_id "agI0EqBhHUyS7mIUGruKLAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Paulo Henrique dos Santos Nichio	2026-05-11 19:26:05 (1 month ago)	(ls_brute) LiteSpeed Brute Force Attack 45.166.57.13 (BR/Brazil/-): 3 in the last 600 secs; Ports: * ... show more (ls_brute) LiteSpeed Brute Force Attack 45.166.57.13 (BR/Brazil/-): 3 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026-05-11 16:25:40.700999 [WARN] [2828689] [T0] [45.166.57.13:50267-30#APVH_www.napalmadasuamao.com.br:443] Brute force detected for IP [45.166.57.13], throttle. 2026-05-11 16:25:51.717337 [WARN] [2828689] [T0] [45.166.57.13:50267-31#APVH_www.napalmadasuamao.com.br:443] Brute force detected for IP [45.166.57.13], throttle. 2026-05-11 16:26:02.710355 [WARN] [2828689] [T0] [45.166.57.13:50267-32#APVH_www.napalmadasuamao.com.br:443] Brute force detected for IP [45.166.57.13], throttle. show less	Port Scan
🇺🇸 Mundo Bueno	2026-05-11 00:45:53 (1 month ago)	[ISILIA Protection v2.1] Tentative d'accès: /xmlrpc.php \| Pays: BR \| UA: Jetpack by WordPress.com	Hacking Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 202.71.141.170

🇵🇷 198.244.65.208

🇺🇸 195.184.76.71

🇨🇦 148.113.221.241

🇧🇪 141.134.166.202

🇮🇳 115.241.1.85

🇨🇳 111.113.88.61

🇩🇪 89.163.214.187

🇺🇸 66.132.172.152

🇸🇬 18.140.44.23

🇷🇴 2.57.121.112

🇵🇰 202.63.207.120

🇧🇷 187.181.137.177

🇨🇳 183.241.150.217

🇺🇸 162.216.149.211

🇻🇳 103.200.22.154

🇸🇬 68.183.236.1

🇮🇶 65.20.133.56

🇨🇳 60.13.6.160

🇫🇷 51.159.104.219