JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.222.213.2

45.222.213.2 was found in our database!

This IP was reported 270 times. Confidence of Abuse is 83%: ?

83%

ISP	TACOTEL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS37282
Domain Name	mainone.net
Country	🇬🇭 Ghana
City	Takoradi, Western

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.222.213.2

Whois 45.222.213.2

IP Abuse Reports for 45.222.213.2:

This IP address has been reported a total of 270 times from 108 distinct sources. 45.222.213.2 was first reported on October 28th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-26 18:58:22 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 20:18:58 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 45.222.213.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.222.213.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 16:18:53.683550 2026] [security2:error] [pid 13720:tid 13720] [client 45.222.213.2:58429] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pulleasy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pulleasy.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj2NLQQzv7FIzByRQt5MYAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-25 15:00:11 (3 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇳🇱 enpepet	2026-06-24 16:18:52 (4 days ago)	GENERAL: parametres: [url:xmlrpc=] UA:Mozilla/5.0 (Windows NT 6.3; x64) AppleWebKit/537.36 (KHTML, l ... show more GENERAL: parametres: [url:xmlrpc=] UA:Mozilla/5.0 (Windows NT 6.3; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/67.0.0.0 Safari/537.36 URL:/xmlrpc.php show less	Port Scan Hacking Brute-Force Bad Web Bot
🇳🇱 Site.eu	2026-06-22 17:42:41 (6 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 4server	2026-06-22 09:21:07 (6 days ago)	[MonJun2211:21:03.8358222026][security2:error][pid1827422:tid1827451][client45.222.213.2:0]ModSecuri ... show more [MonJun2211:21:03.8358222026][security2:error][pid1827422:tid1827451][client45.222.213.2:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"modularss.com\"][uri\"/xmlrpc.php\"][unique_id\"ajj-f-ZgXy0B4MlcW3g15QAAABI\"] show less	Port Scan Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-19 19:29:33 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-06-18 18:38:41 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-06-18 18:37:52 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 dynamix	2026-06-18 10:22:57 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 Hazzard	2026-06-15 16:15:16 (1 week ago)	(wordpress) Failed wordpress login from 45.222.213.2 (GH/Ghana/-/-/-/[redacted]): (CF_ENABLE)	Brute-Force
🇩🇪 LRob.fr	2026-06-15 10:15:04 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇳🇴 jad-abuse	2026-06-15 10:06:23 (1 week ago)	ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Obse ... show more ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Observed by 1 sensor(s); 2 hits. show less	Brute-Force Web App Attack
🇩🇪 Holger	2026-06-13 12:35:05 (2 weeks ago)	WordPress WebAttack	Brute-Force Web App Attack
🇩🇪 4server	2026-06-12 12:49:37 (2 weeks ago)	[FriJun1214:49:30.7558232026][security2:error][pid3708598:tid3708677][client45.222.213.2:0]ModSecuri ... show more [FriJun1214:49:30.7558232026][security2:error][pid3708598:tid3708677][client45.222.213.2:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"robertselitrenny.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiwAWmVDwdlgdC0sOJ-5sAAAAIs\"] show less	Port Scan Brute-Force Web App Attack

Showing 1 to 15 of 270 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 171.25.158.74

🇵🇰 110.93.224.226

🇰🇷 59.15.58.148

🇳🇱 45.148.10.121

🇸🇬 43.156.61.33

🇨🇳 8.160.178.245

🇳🇱 193.39.208.88

🇭🇳 181.115.59.103

🇩🇪 161.35.71.5

🇺🇸 157.245.139.163

🇺🇸 146.190.70.127

🇻🇳 113.171.81.144

🇸🇬 101.47.14.46

🇮🇳 49.207.244.28

🇧🇷 205.210.31.178

🇮🇹 93.92.77.143

🇷🇺 82.204.185.138

🇺🇸 66.132.172.197

🇮🇪 52.169.217.131

🇺🇸 45.156.129.65