JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 87.221.242.25

87.221.242.25 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 30%: ?

30%

ISP	Jazztel triple play services
Usage Type	Fixed Line ISP
ASN	AS12479
Hostname(s)	25.242.221.87.dynamic.jazztel.es
Domain Name	jazztel.com
Country	🇪🇸 Spain
City	Chane, Castille and Leon

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 87.221.242.25

Whois 87.221.242.25

IP Abuse Reports for 87.221.242.25:

This IP address has been reported a total of 6 times from 4 distinct sources. 87.221.242.25 was first reported on June 22nd 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-25 15:56:52 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 87.221.242.25 (25.242.221.87.dynamic.jazztel.es ... show more (mod_security) mod_security (id:240335) triggered by 87.221.242.25 (25.242.221.87.dynamic.jazztel.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:56:44.934743 2026] [security2:error] [pid 9513:tid 9513] [client 87.221.242.25:63023] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 87.221.242.25 (+1 hits since last alert)\|yerevanpress.am\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yerevanpress.am"] [uri "/xmlrpc.php"] [unique_id "aj1PvOY9ZzwZqZH7KCns8gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 22:32:20 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 87.221.242.25 (25.242.221.87.dynamic.jazztel.es ... show more (mod_security) mod_security (id:240335) triggered by 87.221.242.25 (25.242.221.87.dynamic.jazztel.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 18:32:13.861890 2026] [security2:error] [pid 999:tid 999] [client 87.221.242.25:53197] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 87.221.242.25 (+1 hits since last alert)\|kompareiq.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kompareiq.com"] [uri "/xmlrpc.php"] [unique_id "ajm37e3OtKlCNRGH28vGpgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 20:58:51 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 87.221.242.25 (25.242.221.87.dynamic.jazztel.es ... show more (mod_security) mod_security (id:240335) triggered by 87.221.242.25 (25.242.221.87.dynamic.jazztel.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 16:58:47.235231 2026] [security2:error] [pid 19367:tid 19367] [client 87.221.242.25:64664] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 87.221.242.25 (+1 hits since last alert)\|texascottagebakers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "texascottagebakers.com"] [uri "/xmlrpc.php"] [unique_id "ajmiB9J7eKZwIHEAVyVxHQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-22 20:56:39 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-22 19:44:57 (3 days ago)	[redacted] 87.221.242.25 - - [22/Jun/2026:21:44:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ... show more [redacted] 87.221.242.25 - - [22/Jun/2026:21:44:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" [redacted] 87.221.242.25 - - [22/Jun/2026:21:44:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 87.221.242.25 - - [22/Jun/2026:21:44:35 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" [redacted] 87.221.242.25 - - [22/Jun/2026:21:44:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.1; http://site59397006.com" [redacted] 87.221.242.25 - - [22/Jun/2026:21:44:56 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.2; http://site58097752.com" ... show less	Hacking Web App Attack
🇫🇷 masterguru	2026-06-22 18:43:39 (3 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.170

🇳🇱 91.92.40.36

🇩🇪 69.5.169.238

🇱🇹 45.227.254.170

🇺🇸 44.204.110.176

🇵🇱 20.215.211.246

🇰🇷 211.222.195.240

🇬🇧 54.38.147.35

🇺🇸 44.186.192.233

🇺🇸 44.61.7.254

🇰🇷 222.121.250.203

🇹🇼 198.235.24.39

🇺🇸 162.216.150.148

🇳🇱 85.11.167.7

🇺🇸 45.79.42.69

🇺🇸 44.88.32.217

🇺🇸 38.99.70.2

🇬🇧 37.10.113.221

🇬🇧 193.163.125.155

🇺🇸 172.253.83.85