JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.147.235.126

45.147.235.126 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 13%: ?

13%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.147.235.126

Whois 45.147.235.126

IP Abuse Reports for 45.147.235.126:

This IP address has been reported a total of 8 times from 5 distinct sources. 45.147.235.126 was first reported on October 30th 2025, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-22 11:57:11 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.147.235.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.147.235.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 07:57:07.272532 2026] [security2:error] [pid 13531:tid 13531] [client 45.147.235.126:52377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billymitchell.com"] [uri "/wp-config.php.old"] [unique_id "ahBEk-0aUC8JdhRdZXXvnQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 20:54:52 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 45.147.235.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.147.235.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:54:46.974010 2026] [security2:error] [pid 27660:tid 27682] [client 45.147.235.126:31331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sloveniaflyfishing.com"] [uri "/wp-config.php.dist"] [unique_id "ag4flkCXELTE5kCLKXaaFwAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 04:31:52 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.147.235.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 45.147.235.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 00:31:47.290752 2026] [security2:error] [pid 972:tid 972] [client 45.147.235.126:30043] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|plazahacienda.com\|F\|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "plazahacienda.com"] [uri "/wp-config.inc"] [unique_id "ag05MzfcevijuFlKil8XBAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 S.O.B.A. Dev.	2026-05-17 16:16:01 (1 month ago)	Web vulnerability scanning	Brute-Force Web Spam Web App Attack
Anonymous	2026-05-04 08:12:44 (1 month ago)	45.147.235.126 - - [04/May/2026:16:12:44 +0800] "GET /wp-content/uploads/shell.php HTTP/1.1" 301 - " ... show more 45.147.235.126 - - [04/May/2026:16:12:44 +0800] "GET /wp-content/uploads/shell.php HTTP/1.1" 301 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-04-15 10:18:04 (2 months ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 fbarela	2025-11-06 15:00:44 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-10-30 03:28:57 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 45.147.235.126 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 45.147.235.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 23:28:51.129060 2025] [security2:error] [pid 888588:tid 888588] [client 45.147.235.126:61791] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|harvestfrc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "harvestfrc.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQLbcwcPR3fIpr7FCESvvgAAAAc"], referer: https://harvestfrc.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 64.39.106.19

🇧🇷 45.161.29.204

🇩🇪 43.165.62.10

🇧🇷 20.206.88.164

🇫🇮 172.253.83.218

🇭🇰 152.32.209.166

🇮🇳 80.65.208.120

🇺🇸 40.77.179.97

🇹🇼 198.235.24.50

🇧🇷 189.52.52.162

🇳🇱 176.65.149.230

🇩🇪 155.117.234.80

🇺🇸 24.144.84.83

🇻🇳 14.248.83.33

🇰🇷 1.247.245.61

🇻🇪 190.205.21.145

🇮🇷 93.110.62.37

🇳🇱 85.11.167.109

🇮🇪 65.52.75.227

🇨🇳 60.205.223.197