JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.172.218.35

45.172.218.35 was found in our database!

This IP was reported 179 times. Confidence of Abuse is 4%: ?

ISP	INTERMEGAMUNDO PARTNERS S.A.S.
Usage Type	Fixed Line ISP
ASN	AS267810
Domain Name	intermegamundo.com
Country	🇨🇴 Colombia
City	Curumani, Cesar Department

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.172.218.35

Whois 45.172.218.35

IP Abuse Reports for 45.172.218.35:

This IP address has been reported a total of 179 times from 95 distinct sources. 45.172.218.35 was first reported on December 7th 2020, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 hermawan	2026-06-06 23:13:14 (1 day ago)	[Sun Jun 07 06:13:13.308175 2026] [security2:error] [pid 406252:tid 140593665664704] [client 45.172. ... show more [Sun Jun 07 06:13:13.308175 2026] [security2:error] [pid 406252:tid 140593665664704] [client 45.172.218.35:36540] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "www.yandex.go.id" at REQUEST_HEADERS:Referer. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "582"] [id "440068"] [msg "BAD Referer"] [data "Matched Data: www.yandex.go.id found within REQUEST_HEADERS:Referer: https://www.yandex.go.id/ request_line = GET /index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prediksi-iklim/prediksi-dasarian/deterministik-curah-hujan-provinsi-jawa-timur"] [unique_id "aiSpiWKNfZpPmd_EX_pY2gAAAIQ"], referer https://www.yandex.go.id/ [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[406283] [7LHe610toLs] [aiSpiWKNfZpPmd_EX_pY2gAAAIQ] keep_alive=[0] [2026-06-07 06:13:13.308184] [R:aiSpiWKNfZpPmd_EX_pY2gA ... show less	Email Spam Hacking
🇮🇩 hermawan	2026-03-31 12:27:55 (2 months ago)	Captured JA4H: ge20n_62df0e8e1417 \| Log: 45.172.218.35 - - [31/Mar/2026:19:25:08 +0700] "GET /index. ... show more Captured JA4H: ge20n_62df0e8e1417 \| Log: 45.172.218.35 - - [31/Mar/2026:19:25:08 +0700] "GET /index.php/informasi-iklim/infografis-iklim/infografis-bulanan/infografis-bulanan-buletin HTTP/2.0" 200 30233 "https://staklim-jatim.bmkg.go.id/" "Mozilla/5.0 (Linux; Android 14; SM-A528B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Mobile Safari/537.36" ge20n_sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,upgrade-insecure-requests,user-agent,accept,sec-fetch-site,sec-fetch-mode,sec-fetch-user,sec-fetch-dest,accept-encoding,accept-language,referer,host... ... show less	Email Spam Hacking
🇺🇸 matt	2026-03-04 02:09:13 (3 months ago)	DDOS attack with query parameters attempting to overload WordPress site.	DDoS Attack
Anonymous	2025-11-22 08:47:56 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇫🇷 Hippoline	2025-08-07 06:29:51 (10 months ago)	Aug 7 08:28:03 local wp(XXXX-B)[16562]: Authentication attempt for unknown user admin from ::ffff:4 ... show more Aug 7 08:28:03 local wp(XXXX-B)[16562]: Authentication attempt for unknown user admin from ::ffff:45.172.218.35 ... show less	Brute-Force Web App Attack
🇫🇷 Hippoline	2025-01-30 02:17:39 (1 year ago)	Jan 30 03:15:05 local wp(XXXX-B)[11929]: Authentication attempt for unknown user admin from ::ffff:4 ... show more Jan 30 03:15:05 local wp(XXXX-B)[11929]: Authentication attempt for unknown user admin from ::ffff:45.172.218.35 ... show less	Brute-Force Web App Attack
🇫🇷 Hippoline	2024-07-23 02:04:35 (1 year ago)	Jul 23 04:01:04 local wp(XXXX-B)[13271]: Authentication attempt for unknown user admin from ::ffff:4 ... show more Jul 23 04:01:04 local wp(XXXX-B)[13271]: Authentication attempt for unknown user admin from ::ffff:45.172.218.35 ... show less	Brute-Force Web App Attack
Anonymous	2024-05-14 00:29:00 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 MAGIC	2024-05-13 02:17:46 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2024-05-13 00:04:48 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-04-29 18:39:41 (2 years ago)	45.172.218.35 (CO/Colombia/Cesar Department/Curumaní/host218-35.intermegamundo.com/[redacted]	Brute-Force
🇦🇺 MAGIC	2024-04-28 00:09:02 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2024-04-27 02:03:03 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-04-26 15:38:30 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 45.172.218.35 (host218-35.intermegamundo.com): ... show more (mod_security) mod_security (id:210492) triggered by 45.172.218.35 (host218-35.intermegamundo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 26 11:36:29.932397 2024] [security2:error] [pid 18066] [client 45.172.218.35:63449] [client 45.172.218.35] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stationrestaurant.ca"] [uri "/wp-config.phpnew"] [unique_id "ZivJ_bSZ1Rm2gnqEXXpp_AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-04-25 11:03:58 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 179 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 118.71.17.12

🇮🇳 103.67.152.201

🇵🇰 36.255.33.159

🇧🇪 34.38.143.207

🇹🇷 2a09:bac1:72a0:f00::150:e5

🇻🇳 171.251.234.152

🇧🇩 103.171.69.87

🇻🇳 103.75.183.177

🇷🇺 89.204.93.93

🇳🇱 81.19.216.68

🇷🇺 46.165.56.242

🇳🇱 45.86.200.26

🇮🇳 188.241.62.83

🇺🇸 165.227.62.247

🇻🇳 123.20.138.216

🇺🇸 113.20.0.58

🇺🇸 64.62.197.107

🇹🇭 49.231.192.36

🇪🇨 45.239.48.125

🇺🇸 2607:f8b0:4001:c13::122