JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.239.238.96

45.239.238.96 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 22%: ?

22%

ISP	ALISSON HENRIQUE DUARTE SERVICOS - ME
Usage Type	Fixed Line ISP
ASN	AS268390
Domain Name	netlinkce.com.br
Country	🇧🇷 Brazil
City	Fortaleza, Ceara

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.239.238.96

Whois 45.239.238.96

IP Abuse Reports for 45.239.238.96:

This IP address has been reported a total of 9 times from 5 distinct sources. 45.239.238.96 was first reported on September 14th 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-23 10:18:37 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 06:18:32.096274 2026] [security2:error] [pid 17153:tid 17214] [client 45.239.238.96:30917] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.239.238.96 (+1 hits since last alert)\|seriousgames-system.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seriousgames-system.info"] [uri "/xmlrpc.php"] [unique_id "ajpdeLibdoOXe3uqjkKK8wAAAQc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 05:11:50 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 01:11:46.490283 2026] [security2:error] [pid 8319:tid 8319] [client 45.239.238.96:30570] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.239.238.96 (+1 hits since last alert)\|thinkingepic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thinkingepic.com"] [uri "/xmlrpc.php"] [unique_id "ajoVktVRrAKSrGst9ccYrwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 02:58:35 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 22:58:29.254417 2026] [security2:error] [pid 29960:tid 29960] [client 45.239.238.96:30020] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.239.238.96 (+1 hits since last alert)\|vintageamptubes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vintageamptubes.com"] [uri "/xmlrpc.php"] [unique_id "ajn2VUv8vdT5qRRiql5YwwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-22 22:50:35 (6 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC BR/Brazil/-	Web App Attack
🇧🇪 cmbplf	2026-06-22 22:30:47 (6 days ago)	2.761 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-22 22:20:55 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 18:20:48.428315 2026] [security2:error] [pid 26340:tid 26340] [client 45.239.238.96:29977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.239.238.96 (+1 hits since last alert)\|yanlidesign.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yanlidesign.com"] [uri "/xmlrpc.php"] [unique_id "ajm1QLbMAh3Rnq224qSjjgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 21:49:29 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 17:49:20.586604 2026] [security2:error] [pid 22235:tid 22235] [client 45.239.238.96:29549] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.239.238.96 (+1 hits since last alert)\|vzan.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vzan.org"] [uri "/xmlrpc.php"] [unique_id "ajmt4HvapjFDitTMw5ik6wAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 bigorre.org	2025-11-11 01:02:58 (7 months ago)	Unidentified crawling: not a self-announced bot in user-agent	Bad Web Bot
🇳🇱 exxos	2025-09-14 03:03:01 (9 months ago)	Attacks with Bad user agents	Hacking

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇴 190.167.237.191

🇵🇱 172.253.255.52

🇫🇷 152.228.213.32

🇧🇬 79.124.59.10

🇦🇺 65.254.93.170

🇺🇸 65.49.1.38

🇺🇸 64.62.156.131

🇺🇸 162.216.149.30

🇫🇷 85.217.140.52

🇮🇹 82.180.56.17

🇬🇪 2.57.217.229

🇺🇸 216.25.89.99

🇳🇱 176.65.131.188

🇳🇱 164.90.195.107

🇸🇪 158.174.210.161

🇷🇺 95.108.213.226

🇱🇹 81.30.98.49

🇧🇪 34.38.149.206

🇻🇳 113.160.142.119

🇰🇷 112.216.129.27