JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 46.252.255.90

46.252.255.90 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 0%: ?

ISP	JSC Severen-Telecom
Usage Type	Fixed Line ISP
ASN	AS24739
Domain Name	severen.net
Country	🇷🇺 Russian Federation
City	Saint Petersburg, St.-Petersburg

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 46.252.255.90

Whois 46.252.255.90

IP Abuse Reports for 46.252.255.90:

This IP address has been reported a total of 42 times from 22 distinct sources. 46.252.255.90 was first reported on June 17th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2024-08-15 05:29:42 (1 year ago)	46.252.255.90 - - [15/Aug/2024:07:29:42 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 46.252.255.90 - - [15/Aug/2024:07:29:42 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2024-07-19 22:08:02 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 myagent.site	2024-07-08 11:52:20 (1 year ago)	Banned for posting to wp-login.php without referer {"log":"admin","pwd":"root","wp-submit":"Log In", ... show more Banned for posting to wp-login.php without referer {"log":"admin","pwd":"root","wp-submit":"Log In","redirect_to":"http:\/\/mylistings.info\/wp-admin\/","testcookie":"1"} show less	Hacking
🇺🇸 myagent.site	2024-07-08 00:49:39 (1 year ago)	Banned for posting to wp-login.php without referer {"log":"admin","pwd":"support","wp-submit":"Log I ... show more Banned for posting to wp-login.php without referer {"log":"admin","pwd":"support","wp-submit":"Log In","redirect_to":"http:\/\/jimmysellshouses.com\/wp-admin\/","testcookie":"1"} show less	Hacking
🇺🇸 TPI-Abuse	2024-07-07 23:56:21 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 46.252.255.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 46.252.255.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 07 19:56:14.910544 2024] [security2:error] [pid 13167] [client 46.252.255.90:54090] [client 46.252.255.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 46.252.255.90 (+1 hits since last alert)\|www.geodogs.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.geodogs.org"] [uri "/xmlrpc.php"] [unique_id "ZosrHlBx2aRfIV7PafeYiAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2024-07-07 22:04:39 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 Petros Stefanakis	2024-07-07 12:40:00 (1 year ago)	(wordpress) Failed wordpress login from 46.252.255.90 (RU/Russia/-)	Brute-Force
🇺🇸 TPI-Abuse	2024-07-05 10:23:59 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 46.252.255.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 46.252.255.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 05 06:23:53.426541 2024] [security2:error] [pid 8720] [client 46.252.255.90:33468] [client 46.252.255.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 46.252.255.90 (+1 hits since last alert)\|www.pixelspective.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.pixelspective.com"] [uri "/xmlrpc.php"] [unique_id "ZofJueelGfmFK3Wf5u4btQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 karger	2024-07-05 02:34:14 (1 year ago)	Wordpress attack - hard filter	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-07-04 10:12:50 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 46.252.255.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 46.252.255.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 04 06:12:45.467599 2024] [security2:error] [pid 10811] [client 46.252.255.90:48848] [client 46.252.255.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 46.252.255.90 (+1 hits since last alert)\|www.casaruralelendulzaero.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.casaruralelendulzaero.com"] [uri "/xmlrpc.php"] [unique_id "ZoZ1neLuGMkL5agAAQ6NIwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 expandmade.com	2024-07-04 07:45:25 (1 year ago)	trolling for wp-login [04/Jul/2024:07:45:24 "POST /wp-login.php"]	Web App Attack
🇺🇸 cloudbuster	2024-07-04 06:24:40 (1 year ago)	Detected: wordpress bruteforce / scan	Brute-Force
Anonymous	2024-07-04 04:47:16 (1 year ago)		Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-04 04:08:45 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 46.252.255.90 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 46.252.255.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 04 00:08:39.024884 2024] [security2:error] [pid 29416] [client 46.252.255.90:37930] [client 46.252.255.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 46.252.255.90 (+1 hits since last alert)\|opticasprisma.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "opticasprisma.com"] [uri "/xmlrpc.php"] [unique_id "ZoYgR3zoY5mEvXWIUR9hdAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2024-07-04 02:27:53 (1 year ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.74

🇺🇸 192.178.115.221

🇨🇱 186.189.95.9

🇦🇷 179.60.228.74

🇲🇩 178.175.167.68

🇬🇧 172.69.224.198

🇺🇸 162.216.150.189

🇺🇸 142.93.201.122

🇨🇳 113.109.26.123

🇷🇴 92.118.39.62

🇧🇬 79.124.56.138

🇱🇺 64.89.160.35

🇺🇸 34.53.101.90

🇺🇸 216.180.246.202

🇺🇸 213.201.243.87

🇹🇷 212.87.199.64

🇹🇼 198.235.24.37

🇬🇧 193.163.125.102

🇬🇧 172.69.224.81

🇺🇸 151.240.93.36