JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.250.51.12

85.250.51.12 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 33%: ?

33%

ISP	013 Netvision
Usage Type	Fixed Line ISP
ASN	AS1680
Hostname(s)	85-250-51-12.bb.netvision.net.il
Domain Name	cellcom.co.il
Country	🇮🇱 Israel
City	Beersheba, Southern District

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.250.51.12

Whois 85.250.51.12

IP Abuse Reports for 85.250.51.12:

This IP address has been reported a total of 15 times from 8 distinct sources. 85.250.51.12 was first reported on May 24th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-09 16:27:06 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il) ... show more (mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 12:27:02.127718 2026] [security2:error] [pid 14326:tid 14336] [client 85.250.51.12:61258] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 85.250.51.12 (+1 hits since last alert)\|morganswarsong.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "morganswarsong.com"] [uri "/xmlrpc.php"] [unique_id "aig-1tl-gtKpK_MPLysCnQAAAUg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 15:30:40 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 07:01:24 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il) ... show more (mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:01:17.030591 2026] [security2:error] [pid 14355:tid 14355] [client 85.250.51.12:60660] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 85.250.51.12 (+1 hits since last alert)\|interiorsolutions-stuart.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "interiorsolutions-stuart.com"] [uri "/xmlrpc.php"] [unique_id "aie6PWvosF6zVAowTScoDwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-04 17:34:22 (3 weeks ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 17:09:17 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il) ... show more (mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 13:09:09.639686 2026] [security2:error] [pid 9449:tid 9449] [client 85.250.51.12:55863] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 85.250.51.12 (+1 hits since last alert)\|crystaljohns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "crystaljohns.com"] [uri "/xmlrpc.php"] [unique_id "aiGxNeEcx9H4y4EETuKwkgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 20:00:27 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il) ... show more (mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:00:18.320272 2026] [security2:error] [pid 31806:tid 31806] [client 85.250.51.12:61646] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 85.250.51.12 (+1 hits since last alert)\|fishleadership.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fishleadership.org"] [uri "/xmlrpc.php"] [unique_id "ah3k0uaaGUQcTLapL8hloQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-01 11:30:41 (3 weeks ago)	Attac	Brute-Force
Anonymous	2026-06-01 06:04:04 (3 weeks ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇩🇪 grassau.com	2026-05-31 17:52:02 (3 weeks ago)	(wordpress) Failed wordpress login from 85.250.51.12 (IL/Israel/Central District/Rishon LeTsiyyon/85 ... show more (wordpress) Failed wordpress login from 85.250.51.12 (IL/Israel/Central District/Rishon LeTsiyyon/85-250-51-12.bb.netvision.net.il) show less	Brute-Force
Anonymous	2026-05-31 14:20:02 (3 weeks ago)	Web App Attack, Hacking	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-30 10:41:02 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il) ... show more (mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 06:40:56.370013 2026] [security2:error] [pid 2301:tid 2301] [client 85.250.51.12:55069] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 85.250.51.12 (+1 hits since last alert)\|websitesforauthors.design\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "websitesforauthors.design"] [uri "/xmlrpc.php"] [unique_id "ahq-uL5_wVMuzas9Yz9zcwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-30 09:47:38 (3 weeks ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS	Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 09:28:29 (4 weeks ago)	(mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il) ... show more (mod_security) mod_security (id:240335) triggered by 85.250.51.12 (85-250-51-12.bb.netvision.net.il): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 05:28:21.079003 2026] [security2:error] [pid 25277:tid 25277] [client 85.250.51.12:61776] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 85.250.51.12 (+1 hits since last alert)\|saynotoofland.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "saynotoofland.org"] [uri "/xmlrpc.php"] [unique_id "ahgKte4-SOjBEoluQNJxaAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-27 19:16:43 (4 weeks ago)	Attac	Brute-Force
Anonymous	2026-05-24 10:30:59 (1 month ago)	(wordpress) Failed wordpress login from 85.250.51.12 (IL/Israel/85-250-51-12.bb.netvision.net.il)	Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.73

🇺🇸 195.184.76.227

🇰🇭 124.248.167.50

🇩🇪 43.228.157.10

🇭🇳 216.234.223.101

🇳🇱 185.93.89.147

🇨🇳 106.12.151.23

🇸🇬 43.156.212.86

🇺🇸 34.182.90.237

🇮🇪 20.223.152.187

🇨🇳 14.29.184.206

🇨🇳 222.223.177.118

🇧🇪 198.235.24.137

🇺🇸 185.223.152.94

🇺🇸 185.180.141.32

🇷🇺 31.173.4.22

🇨🇦 4.239.243.30

🇺🇸 162.216.150.157

🇨🇦 159.203.25.138

🇰🇷 125.244.114.221