JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.7.26.112

45.7.26.112 was found in our database!

This IP was reported 94 times. Confidence of Abuse is 68%: ?

68%

ISP	MBG TECNOLOGIA LTDA EPP
Usage Type	Fixed Line ISP
ASN	AS266568
Hostname(s)	addr-45-7-26-112.shared.mabnet.net.br
Domain Name	mabnet.net.br
Country	🇧🇷 Brazil
City	Parauapebas, Para

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.7.26.112

Whois 45.7.26.112

IP Abuse Reports for 45.7.26.112:

This IP address has been reported a total of 94 times from 49 distinct sources. 45.7.26.112 was first reported on July 3rd 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 screwlooseit.com.au	2026-06-20 00:12:05 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC BR/Brazil/addr-45-7-26-112.shared.mabnet.net.br	Web App Attack
🇫🇷 dynamix	2026-06-19 18:31:31 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-19 15:48:44 (1 day ago)	[ns41.kdns.gr] httpd-xmlrpc-post: sites=kkourelis.gr; logs=/var/log/httpd/domains/kkourelis.gr.log; ... show more [ns41.kdns.gr] httpd-xmlrpc-post: sites=kkourelis.gr; logs=/var/log/httpd/domains/kkourelis.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 16:48:27 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net ... show more (mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 12:48:19.218423 2026] [security2:error] [pid 6519:tid 6519] [client 45.7.26.112:52711] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.7.26.112 (+1 hits since last alert)\|targetbinario.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "targetbinario.com"] [uri "/xmlrpc.php"] [unique_id "ajQhU_O9nsBaI0SC2mu2dgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-18 16:47:40 (2 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇫🇷 dynamix	2026-06-18 16:47:02 (2 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 16:19:14 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net ... show more (mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 12:19:08.030391 2026] [security2:error] [pid 304:tid 304] [client 45.7.26.112:57190] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.7.26.112 (+1 hits since last alert)\|oakglenhouse.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "oakglenhouse.com"] [uri "/xmlrpc.php"] [unique_id "ajQafI_FsqXfEQeqPmTPzQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Dolphi	2026-06-18 13:40:09 (3 days ago)	Excessive POST /xmlrpc.php requests	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:20:29 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net ... show more (mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:20:22.738014 2026] [security2:error] [pid 10640:tid 10640] [client 45.7.26.112:56326] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.7.26.112 (+1 hits since last alert)\|stacyfarm.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stacyfarm.com"] [uri "/xmlrpc.php"] [unique_id "ajHoRheCcq42npgfHc5_VQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-16 00:06:03 (5 days ago)	Trying to access config files	Web App Attack
🇫🇷 dynamix	2026-06-15 15:29:26 (5 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 14:51:33 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net ... show more (mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 10:51:26.620586 2026] [security2:error] [pid 8248:tid 8274] [client 45.7.26.112:61139] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.7.26.112 (+1 hits since last alert)\|mysticscon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mysticscon.com"] [uri "/xmlrpc.php"] [unique_id "ajARbrH8-fqkcX8nguRlvwAAAFc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 20:59:13 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net ... show more (mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 16:59:05.717823 2026] [security2:error] [pid 20356:tid 20356] [client 45.7.26.112:59200] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.7.26.112 (+1 hits since last alert)\|stinsonbeachsurfandkayak.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stinsonbeachsurfandkayak.com"] [uri "/xmlrpc.php"] [unique_id "aictGSQnv2lUK0oAdL8jPgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 12:45:38 (1 week ago)	(wordpress) Failed wordpress login from 45.7.26.112 (BR/Brazil/Pará/Parauapebas/addr-45-7-26-112.sha ... show more (wordpress) Failed wordpress login from 45.7.26.112 (BR/Brazil/Pará/Parauapebas/addr-45-7-26-112.shared.mabnet.net.br/[redacted]) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 01:02:52 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net ... show more (mod_security) mod_security (id:240335) triggered by 45.7.26.112 (addr-45-7-26-112.shared.mabnet.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 21:02:44.492941 2026] [security2:error] [pid 29044:tid 29044] [client 45.7.26.112:60346] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.7.26.112 (+1 hits since last alert)\|waterjetsolutions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "waterjetsolutions.com"] [uri "/xmlrpc.php"] [unique_id "aiDOtIzQgLGe2VfkUt9YRwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 94 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.190.35.163

🇺🇸 170.187.165.134

🇨🇳 27.128.185.198

🇦🇺 20.5.130.110

🇷🇴 2.57.121.112

🇨🇭 185.212.170.92

🇮🇳 139.59.18.80

🇯🇵 118.193.61.170

🇸🇬 94.231.206.36

🇧🇷 45.205.1.247

🇭🇰 45.142.154.107

🇯🇵 8.216.8.122

🇳🇱 89.248.165.36

🇺🇸 67.43.243.158

🇺🇸 49.51.52.250

🇳🇱 45.148.10.147

🇹🇷 212.154.7.246

🇷🇺 178.177.55.11

🇸🇬 103.250.10.18

🇨🇦 20.104.201.234