JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.137.69.89

45.137.69.89 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 49%: ?

49%

ISP	Julian Achter
Usage Type	Data Center/Web Hosting/Transit
ASN	AS211507
Hostname(s)	lain.45.137.69.89.aluy.net
Domain Name	aluy.net
Country	🇫🇮 Finland
City	Turku, Southwest Finland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.137.69.89

Whois 45.137.69.89

IP Abuse Reports for 45.137.69.89:

This IP address has been reported a total of 16 times from 9 distinct sources. 45.137.69.89 was first reported on May 24th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 03:03:07 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 45.137.69.89 (lain.45.137.69.89.aluy.net): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 45.137.69.89 (lain.45.137.69.89.aluy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 23:03:03.270860 2026] [security2:error] [pid 13607:tid 13607] [client 45.137.69.89:49728] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.boat-registration-spain.com"] [uri "/.git/config"] [unique_id "aiI8Zyzw4bLVCrC7DtZauQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 03:16:40 (6 days ago)	2026-06-04T06:46:20.129089+03:30 digitalogic sshd-session[612122]: pam_unix(sshd:auth): authenticati ... show more 2026-06-04T06:46:20.129089+03:30 digitalogic sshd-session[612122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.137.69.89 2026-06-04T06:46:22.358222+03:30 digitalogic sshd-session[612122]: Failed password for invalid user admin from 45.137.69.89 port 35488 ssh2 2026-06-04T06:46:33.552405+03:30 digitalogic sshd-session[612122]: Connection closed by invalid user admin 45.137.69.89 port 35488 [preauth] ... show less	Brute-Force SSH
Anonymous	2026-06-02 11:28:46 (1 week ago)	Attac	Brute-Force
🇩🇪 sverson	2026-06-02 00:23:10 (1 week ago)	Abusive use detected	Hacking
🇩🇪 sverson	2026-06-01 15:40:47 (1 week ago)	WP Web Form Spam	Web Spam
🇺🇸 xmission.com	2026-06-01 07:01:59 (1 week ago)	Blocked by UFW (TCP on 60988) Source port: 9001 TTL: 43 Packet length: 588 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 60988) Source port: 9001 TTL: 43 Packet length: 588 TOS: 0x08 This report (for 45.137.69.89) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-01 01:46:21 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 45.137.69.89 (lain.45.137.69.89.aluy.net): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 45.137.69.89 (lain.45.137.69.89.aluy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 21:46:17.440713 2026] [security2:error] [pid 20866:tid 20866] [client 45.137.69.89:42214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.restaurantfixture.com"] [uri "/.git/config"] [unique_id "ahzkaeJUgj-h7HZSYuFVsgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2026-05-31 23:29:31 (1 week ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-05-30 23:05:53 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 45.137.69.89 (lain.45.137.69.89.aluy.net): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 45.137.69.89 (lain.45.137.69.89.aluy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 19:05:48.278490 2026] [security2:error] [pid 20158:tid 20158] [client 45.137.69.89:44572] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|thenorwoods.name\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thenorwoods.name"] [uri "/dump.sql"] [unique_id "ahttTBO2YHWYxuzsLmyN3gAAAAY"], referer: thenorwoods.name/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-30 15:20:00 (1 week ago)	Blocked by UFW (TCP on 45158) Source port: 9001 TTL: 44 Packet length: 588 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 45158) Source port: 9001 TTL: 44 Packet length: 588 TOS: 0x08 This report (for 45.137.69.89) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-05-29 22:50:05 (1 week ago)	Web App Attack, Hacking	Hacking Web App Attack
Anonymous	2026-05-29 14:46:47 (1 week ago)	Attac	Brute-Force
🇺🇸 xmission.com	2026-05-28 20:39:59 (1 week ago)	Blocked by UFW (TCP on 40230) Source port: 9001 TTL: 43 Packet length: 588 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 40230) Source port: 9001 TTL: 43 Packet length: 588 TOS: 0x08 This report (for 45.137.69.89) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-28 19:47:21 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 45.137.69.89 (lain.45.137.69.89.aluy.net): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 45.137.69.89 (lain.45.137.69.89.aluy.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 15:47:16.896479 2026] [security2:error] [pid 18628:tid 18628] [client 45.137.69.89:35162] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mike.bickley.name\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mike.bickley.name"] [uri "/dump.sql"] [unique_id "ahibxD2I6eSSO8YEnBNRRQAAAAQ"], referer: mike.bickley.name/dump.sql show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-05-27 11:45:14 (1 week ago)	Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk- ... show more Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk-login jail show less	Brute-Force Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 210.79.142.221

🇹🇷 176.40.243.102

🇮🇩 160.187.174.22

🇨🇳 112.44.220.17

🇺🇸 66.132.224.228

🇳🇱 64.89.162.55

🇺🇸 52.190.137.119

🇺🇸 2607:f8b0:4004:1007::126

🇺🇸 173.255.223.149

🇩🇪 161.35.65.86

🇵🇰 153.117.9.209

🇫🇮 147.185.133.170

🇧🇩 103.171.69.65

🇷🇴 80.94.92.184

🇳🇱 45.148.10.152

🇺🇸 44.210.89.88

🇬🇧 2a06:4880::23

🇸🇬 212.73.148.3

🇨🇱 200.89.69.247

🇬🇧 193.163.125.237