JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.136.25.68

45.136.25.68 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 1%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.136.25.68

Whois 45.136.25.68

IP Abuse Reports for 45.136.25.68:

This IP address has been reported a total of 14 times from 7 distinct sources. 45.136.25.68 was first reported on October 28th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 sshtmp	2026-05-20 16:34:23 (2 weeks ago)	[AbuseIPDB auto-report] Attack: WordPress XML-RPC brute-force Hits: 1 \| First: 2026-05-20T18:34:23+0 ... show more [AbuseIPDB auto-report] Attack: WordPress XML-RPC brute-force Hits: 1 \| First: 2026-05-20T18:34:23+02:00 \| Last: 2026-05-20T18:34:23+02:00 Samples: POST /xmlrpc.php [200] show less	Brute-Force Web App Attack
🇩🇪 HandyTreff.de	2026-03-17 13:51:11 (2 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -47.484 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -47.484 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.2682.8 show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-14 12:40:52 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 45.136.25.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.136.25.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 08:40:44.224614 2026] [security2:error] [pid 21417:tid 21417] [client 45.136.25.68:36121] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Golden-Technologies/pics/Golden Technologies 2009 Marketing CD/Power Chairs/Alante/Thumbs.db"] [unique_id "abVXTCcNO88zwwGucQyc_AAAAAI"], referer: https://vitalitywebb.com/backstore/Golden-Technologies/pics/Golden%20Technologies%202009%20Marketing%20CD/Power%20Chairs/Alante/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-03-11 19:21:00 (2 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
Anonymous	2026-01-29 07:41:00 (4 months ago)	"Brute force sslvpn"	VPN IP Brute-Force
🇩🇪 HandyTreff.de	2026-01-18 12:25:10 (4 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -43.041 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -43.041 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.3588.1 show less	Bad Web Bot Web App Attack
🇨🇭 backslash	2025-12-13 01:50:05 (5 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇩🇪 HandyTreff.de	2025-12-01 06:25:20 (6 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -26.262 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -26.262 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.1458.1 show less	Bad Web Bot Web App Attack
🇨🇦 wil.com	2025-11-29 23:36:17 (6 months ago)	GlobalProtect login attempts with user destinymartin.	VPN IP Brute-Force
🇫🇷 adembaysal	2025-11-14 14:36:04 (6 months ago)	Domain : kvkkasistan.com Rule : wp-login 2025-11-14 14:32:37 *hidden-privacy* GET /wp-login.php ... show more Domain : kvkkasistan.com Rule : wp-login 2025-11-14 14:32:37 *hidden-privacy* GET /wp-login.php - 443 - 45.136.25.68 HTTP/1.1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 https://www.google.com kvkkasistan.com 404 0 2 1547 256 181 - - show less	Web App Attack
🇺🇸 TPI-Abuse	2025-11-11 02:07:20 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 45.136.25.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.136.25.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 21:07:12.742831 2025] [security2:error] [pid 25578:tid 25578] [client 45.136.25.68:13221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|admin.turedinmobiliaria.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "admin.turedinmobiliaria.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRKaUKPozSTx8DpkNKWgTwAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 adembaysal	2025-11-08 14:18:06 (6 months ago)	Rule : PLESK BOT 2025-11-08 17:17:24 Unauthorized login attempt to Plesk Panel from IP 45.136.25.68 ... show more Rule : PLESK BOT 2025-11-08 17:17:24 Unauthorized login attempt to Plesk Panel from IP 45.136.25.68 with username root show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-11-02 07:20:13 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 45.136.25.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.136.25.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 02 02:20:06.086571 2025] [security2:error] [pid 3477:tid 3477] [client 45.136.25.68:41917] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dezignz.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dezignz.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQcGJh0PH5LQnzxPxqrPOwAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-28 09:03:39 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 45.136.25.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.136.25.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 05:03:35.613513 2025] [security2:error] [pid 28918:tid 28918] [client 45.136.25.68:53861] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|barigby.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "barigby.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQCG5xDeC-XptuZEpk_tewAAAAU"], referer: https://barigby.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.90.232.71

🇮🇩 103.122.67.223

🇨🇳 58.219.21.177

🇬🇧 35.203.210.243

🇭🇰 203.23.128.43

🇧🇷 190.89.167.114

🇧🇾 178.125.121.94

🇦🇷 66.128.38.79

🇫🇷 51.255.131.231

🇩🇪 18.197.5.54

🇨🇳 218.86.171.31

🇳🇱 185.223.235.56

🇻🇳 125.212.221.88

🇳🇱 89.21.67.146

🇮🇷 87.107.82.155

🇨🇭 80.89.208.74

🇨🇳 60.12.218.120

🇿🇲 41.63.62.103

🇺🇸 40.87.20.23

🇰🇷 39.117.79.36