JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.147.234.102

45.147.234.102 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 11%: ?

11%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.147.234.102

Whois 45.147.234.102

IP Abuse Reports for 45.147.234.102:

This IP address has been reported a total of 11 times from 5 distinct sources. 45.147.234.102 was first reported on June 25th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-06-01 03:13:46 (4 days ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 45.147.234.102 172.68.23.23 - - [29/May/2026:12:58: ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 45.147.234.102 172.68.23.23 - - [29/May/2026:12:58:05 -0300] "GET /wp-login.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇧🇷 Peregrine	2026-05-31 03:13:38 (5 days ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 45.147.234.102 172.68.23.23 - - [29/May/2026:12:58: ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 45.147.234.102 172.68.23.23 - - [29/May/2026:12:58:05 -0300] "GET /wp-login.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇧🇷 Peregrine	2026-05-29 15:58:16 (6 days ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 45.147.234.102 172.68.23.23 - - [29/May/2026:12:58: ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 45.147.234.102 172.68.23.23 - - [29/May/2026:12:58:05 -0300] "GET /wp-login.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-29 23:26:13 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.147.234.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 45.147.234.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 19:26:06.174088 2026] [security2:error] [pid 25846:tid 25846] [client 45.147.234.102:46569] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|solve4this.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "solve4this.com"] [uri "/s3cmd.ini"] [unique_id "afKTjggSoySINLaIBA9sJgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 10:22:44 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.147.234.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 45.147.234.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 06:22:36.815424 2026] [security2:error] [pid 23715:tid 23715] [client 45.147.234.102:33025] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.keystroke.info\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.keystroke.info"] [uri "/s3cmd.ini"] [unique_id "afHb7HzPSmCgdjE9QFWnmwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 06:19:05 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.147.234.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 45.147.234.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 02:18:58.124222 2026] [security2:error] [pid 3987:tid 4011] [client 45.147.234.102:46679] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|switchbl8.nl\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "switchbl8.nl"] [uri "/s3cmd.ini"] [unique_id "ae7_0ruUk4jJXss8nZatLQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-01-02 10:35:46 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 12-35.45.147.234.102.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 12-35.45.147.234.102.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2025-12-18 03:34:14 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-34.45.147.234.102.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-34.45.147.234.102.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2025-12-17 14:36:30 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-36.45.147.234.102.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 16-36.45.147.234.102.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-10 14:37:44 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-06-25 14:28:00 (11 months ago)	Message meets Alert condition The following critical firewall event was detected: SSL VPN login fai ... show more Message meets Alert condition The following critical firewall event was detected: SSL VPN login fail. date=2025-06-24 time=23:43:07 devname=FortiGate-200F devid=FG200FT922906136 eventtime=1750826587114548574 tz="-0500" logid="0101039426" type="event" subtype="vpn" level="alert" vd="root" logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=45.147.234.102 srccountry="United States" user="mmacdonald" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in" show less	VPN IP

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.189.177

🇺🇿 213.230.93.7

🇫🇮 74.125.74.156

🇩🇪 62.216.201.109

🇱🇹 62.60.130.186

🇧🇷 45.175.30.166

🇩🇪 178.105.183.10

🇫🇮 147.185.133.120

🇸🇬 101.47.158.56

🇷🇺 94.198.1.94

🇩🇪 80.158.109.51

🇯🇵 43.165.183.231

🇬🇧 35.203.211.228

🇺🇸 17.246.23.182

🇨🇳 223.99.172.67

🇧🇷 187.62.87.27

🇧🇷 162.241.203.7

🇺🇿 84.54.73.214

🇺🇸 18.117.232.96

🇻🇳 14.186.163.96