JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.152.64.36

45.152.64.36 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 0%: ?

ISP	XNNET LIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS139659
Domain Name	xn.net
Country	🇭🇰 Hong Kong
City	Tung Chung, Islands

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.152.64.36

Whois 45.152.64.36

IP Abuse Reports for 45.152.64.36:

This IP address has been reported a total of 20 times from 7 distinct sources. 45.152.64.36 was first reported on December 6th 2023, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 JustMeHere	2026-04-02 15:54:01 (2 months ago)	[Thu Apr 02 11:53:53.400784 2026] [security2:error] [pid 365383:tid 365433] [client 45.152.64.36:542 ... show more [Thu Apr 02 11:53:53.400784 2026] [security2:error] [pid 365383:tid 365433] [client 45.152.64.36:54261] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "forum.yorknation.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ac6REaJFg80YdmlBHpLH8wAAANY"] ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 15:38:37 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 11:38:33.370059 2026] [security2:error] [pid 14080:tid 14080] [client 45.152.64.36:52001] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|janyoors.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "janyoors.com"] [uri "/"] [unique_id "ac07-VMBrtJfo88-teKVDwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 15:22:18 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 11:22:10.222870 2026] [security2:error] [pid 25616:tid 25616] [client 45.152.64.36:65105] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|hotelkona.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "hotelkona.com"] [uri "/"] [unique_id "ac04Ipz4nXgcMWWmdn6D6QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 14:46:38 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 10:46:31.693034 2026] [security2:error] [pid 27590:tid 27590] [client 45.152.64.36:55755] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|fluff3.instagenii.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "fluff3.instagenii.com"] [uri "/"] [unique_id "ac0vx6huc9FhFJwojvHRowAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 arirabinowitz.com	2026-04-01 14:05:00 (2 months ago)	45.152.64.36 - - [01/Apr/2026:01:41:07 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 400 1 "-" "Mo ... show more 45.152.64.36 - - [01/Apr/2026:01:41:07 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 400 1 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 45.152.64.36 - - [01/Apr/2026:04:34:58 -0400] "POST /wp-admin/admin-ajax.php HTTP/1.1" 400 1 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 45.152.64.36 - - [01/Apr/2026:08:59:49 -0400] "POST / HTTP/1.1" 200 34141 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-04-01 13:32:12 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 09:32:07.504405 2026] [security2:error] [pid 21065:tid 21065] [client 45.152.64.36:63823] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|cms.saltybluemexico.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "cms.saltybluemexico.com"] [uri "/"] [unique_id "ac0eV8XQY5K78-KW25TZDQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 13:05:22 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 09:05:16.384793 2026] [security2:error] [pid 12030:tid 12037] [client 45.152.64.36:50881] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|bortec-corp.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bortec-corp.com"] [uri "/"] [unique_id "ac0YDMmVJNchyGMvS3CaxgAAAUI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 12:44:52 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 08:44:44.203580 2026] [security2:error] [pid 12603:tid 12603] [client 45.152.64.36:58239] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|azdar.am\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "azdar.am"] [uri "/"] [unique_id "ac0TPEbpK5HdYS_rslojtwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 12:23:53 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 45.152.64.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 08:23:46.379666 2026] [security2:error] [pid 10923:tid 10923] [client 45.152.64.36:53755] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|allfloridamedia.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "allfloridamedia.com"] [uri "/"] [unique_id "ac0OUg0hxYya5i013Nf9rAAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 JustMeHere	2026-04-01 10:09:45 (2 months ago)	[Wed Apr 01 06:09:36.992775 2026] [security2:error] [pid 365249:tid 365356] [client 45.152.64.36:548 ... show more [Wed Apr 01 06:09:36.992775 2026] [security2:error] [pid 365249:tid 365356] [client 45.152.64.36:54849] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "forum.yorknation.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aczu4J03oaaiu3mrgRPgYAAAAIY"] ... show less	Web App Attack
🇺🇸 JustMeHere	2026-04-01 07:24:30 (2 months ago)	[Wed Apr 01 03:24:25.825461 2026] [security2:error] [pid 365383:tid 365424] [client 45.152.64.36:535 ... show more [Wed Apr 01 03:24:25.825461 2026] [security2:error] [pid 365383:tid 365424] [client 45.152.64.36:53518] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "forum.yorknation.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "aczIKaJFg80YdmlBHpI2jgAAAM0"] ... show less	Web App Attack
🇩🇪 Skyrider	2026-03-24 16:23:36 (3 months ago)	crowdsecurity/http-wordpress-scan	Hacking
🇺🇸 JustMeHere	2026-03-24 13:22:05 (3 months ago)	[Tue Mar 24 09:21:56.805434 2026] [security2:error] [pid 295442:tid 295587] [client 45.152.64.36:577 ... show more [Tue Mar 24 09:21:56.805434 2026] [security2:error] [pid 295442:tid 295587] [client 45.152.64.36:57700] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 25)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "forum.yorknation.com"] [uri "/wp-content/plugins/wp-automatic/inc/csv.php"] [unique_id "acKP9CBBQUzwcbukPX1UwQAAAJA"] ... show less	Web App Attack
Anonymous	2026-03-23 02:26:51 (3 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 Skyrider	2026-03-23 01:07:26 (3 months ago)	crowdsecurity/http-wordpress-scan	Hacking

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 207.90.244.18

🇬🇧 193.163.125.209

🇫🇮 147.185.133.188

🇺🇸 104.206.128.54

🇧🇬 77.71.69.32

🇫🇷 51.159.149.103

🇸🇬 47.84.107.200

🇺🇸 37.123.192.41

🇹🇼 128.14.237.120

🇻🇳 116.101.123.227

🇺🇸 91.193.232.115

🇳🇱 46.235.40.33

🇧🇷 45.229.156.236

🇮🇩 36.37.73.242

🇧🇪 35.189.209.215

🇹🇭 1.2.214.104

🇫🇯 210.7.29.70

🇵🇰 175.107.211.212

🇮🇳 103.86.180.10

🇳🇱 87.199.201.200