JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.145.131.247

45.145.131.247 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Newark, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.145.131.247

Whois 45.145.131.247

IP Abuse Reports for 45.145.131.247:

This IP address has been reported a total of 20 times from 14 distinct sources. 45.145.131.247 was first reported on December 2nd 2020, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mind5t0rm	2026-02-05 21:18:37 (4 months ago)	(XMLRPC) WP XMLPRC Attack 45.145.131.247 (IL/Israel/-): 3 in the last 3600 secs; Ports: ; Direction ... show more (XMLRPC) WP XMLPRC Attack 45.145.131.247 (IL/Israel/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 45.145.131.247 - - [06/Feb/2026:04:18:30 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/7.88.1" 45.145.131.247 - - [06/Feb/2026:04:18:31 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/7.88.1" 45.145.131.247 - - [06/Feb/2026:04:18:32 +0700] "POST /xmlrpc.php HTTP/2.0" 403 154 "-" "curl/7.88.1" show less	Port Scan
🇬🇧 Steve	2026-02-05 17:00:38 (4 months ago)	Abuse of XMLRPC	Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-10 14:34:59 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇬🇧 Steve	2025-11-28 07:55:41 (6 months ago)	Repeated attempts against wordpress site	Brute-Force Web App Attack
🇺🇸 oncord	2025-11-27 20:40:34 (6 months ago)	Form spam	Web Spam
🇩🇪 hbrks	2025-11-04 06:54:57 (7 months ago)	2 attack(s) detected, such as these: {"event":"nginx_block","ip":"45.145.131.247","host":"marche-be. ... show more 2 attack(s) detected, such as these: {"event":"nginx_block","ip":"45.145.131.247","host":"marche-be.com","request":"GET /wp-login.php HTTP/1.1","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36","reason":"service:unknow","timestamp":"2025-11-04T06:54:57 00:00","logentry":"marche-be.com 45.145.131.247 - - [04/Nov/2025:06:54:57 0000] GET /wp-login.php HTTP/1.1 444 0 http://marche-be.com/wp-login.php Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 - matched:service:unknow"} * Report Details : https://p4u.xyz/QVVB9QITQST/1 IP Details *: https://p4u.xyz/QVVB9QITQST/2 show less	Web Spam Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-01 16:22:03 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 45.145.131.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 45.145.131.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 12:21:57.946014 2025] [security2:error] [pid 22864:tid 22864] [client 45.145.131.247:13735] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.victorg.me\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.victorg.me"] [uri "/cgi-bin/"] [unique_id "aQYzpUdpDYi9BSg9PLJz_wAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-25 01:12:18 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 45.145.131.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 45.145.131.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 24 21:12:14.431854 2025] [security2:error] [pid 3373:tid 3373] [client 45.145.131.247:18005] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aPwj7mpZdHAC2X0rJR4ZagAAAAM"], referer: https://jolankagroup.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-05-02 14:17:08 (1 year ago)	(From [email protected]) Dear Madam, Is your team frequently on the road for business? ... show more (From [email protected]) Dear Madam, Is your team frequently on the road for business? Many businesses still spend unnecessarily high amounts on roaming fees. We offer a modern solution with global eSIM plans — 100% virtual, instantly activated, and up to 85% cheaper. Great for frequent travelers. Find out more: https://e-simworldwide.com Kind regards, e-SIM Worldwide show less	Phishing Web Spam
Anonymous	2025-04-30 23:21:44 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 nowyouknow	2025-04-26 20:16:36 (1 year ago)	(From [email protected]) Dear Madam, Is your team frequently traveling for business? A lot ... show more (From [email protected]) Dear Madam, Is your team frequently traveling for business? A lot of companies still pay unnecessarily high amounts on roaming fees. We offer a modern solution with international eSIM plans — fully digital, instantly activated, and with savings of up to 85%. Ideal for international businesses. Learn more: https://e-simworldwide.com Kind regards, e-SIM Worldwide show less	Phishing Web Spam
🇦🇺 ipv4.fr	2025-04-19 01:39:43 (1 year ago)	45.145.131.247 - - [19/Apr/2025:01:39:42 +0000] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; ... show more 45.145.131.247 - - [19/Apr/2025:01:39:42 +0000] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 uacq" ... show less	Brute-Force Web App Attack
🇺🇸 nationaleventpros.com	2025-03-26 04:19:33 (1 year ago)	WordPress login attempt	Brute-Force
🇮🇩 Burayot	2024-12-05 16:14:04 (1 year ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.145.131.247 (IL/Israel/-): 1 in ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.145.131.247 (IL/Israel/-): 1 in the last 3600 secs show less	Web App Attack
Anonymous	2024-12-03 06:50:21 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 216.226.76.30

🇧🇷 205.210.31.236

🇬🇧 165.154.129.43

🇮🇳 103.165.62.71

🇭🇰 101.36.108.133

🇺🇸 75.102.23.159

🇺🇸 66.132.195.31

🇩🇪 47.245.140.111

🇸🇬 47.84.205.167

🇫🇮 46.62.184.25

🇫🇮 37.27.244.229

🇨🇳 221.228.10.71

🇺🇸 205.210.31.105

🇹🇼 198.235.24.42

🇫🇷 195.154.169.177

🇩🇪 172.70.250.138

🇩🇪 167.94.146.63

🇪🇬 154.182.12.140

🇺🇸 147.185.132.43

🇺🇸 137.184.36.28