JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.148.232.121

45.148.232.121 was found in our database!

This IP was reported 159 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.148.232.121

Whois 45.148.232.121

IP Abuse Reports for 45.148.232.121:

This IP address has been reported a total of 159 times from 14 distinct sources. 45.148.232.121 was first reported on November 23rd 2020, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-20 10:52:21 (2 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇺🇸 TPI-Abuse	2026-01-22 16:35:15 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 45.148.232.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 45.148.232.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 11:35:10.627588 2026] [security2:error] [pid 2256310:tid 2256310] [client 45.148.232.121:60413] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|walkercline.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "walkercline.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aXJRviNM9zEdLEIDWVMiEAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-22 11:18:42 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 45.148.232.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 45.148.232.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 06:18:38.855469 2026] [security2:error] [pid 17276:tid 17276] [client 45.148.232.121:53107] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|schwanpaint.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "schwanpaint.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXIHjnBh4_3eVphfEd7saAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2025-11-07 19:23:30 (6 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.232.121 2025-11-07T19:40:45+01 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.232.121 2025-11-07T19:40:45+01:00 vpn Access-Reject 'cisco' station: 45.148.232.121 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇮🇳 dineshskt4all	2025-10-26 19:06:13 (7 months ago)	[Sun Oct 26 19:06:11.429037 2025] [proxy_fcgi:error] [pid 2209738:tid 139002313107136] [client 45.14 ... show more [Sun Oct 26 19:06:11.429037 2025] [proxy_fcgi:error] [pid 2209738:tid 139002313107136] [client 45.148.232.121:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force
🇨🇿 lp	2025-10-10 21:25:57 (7 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.232.121 2025-10-10T22:40:39+02 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.232.121 2025-10-10T22:40:39+02:00 vpn Access-Reject 'user900' station: 45.148.232.121 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇺🇸 skycodee	2025-10-05 12:49:29 (7 months ago)	Repeated TLS handshake abuse against Pterodactyl Wings (port 8080)	DDoS Attack
🇺🇸 TPI-Abuse	2025-03-09 04:56:16 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.148.232.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.148.232.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 08 23:56:13.282952 2025] [security2:error] [pid 15091:tid 15091] [client 45.148.232.121:46589] [client 45.148.232.121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ftdixfcu.com"] [uri "/.env"] [unique_id "Z80fbS3BOPRx9UOzf7w7cwAAABE"], referer: https://tasamm.com/about/mmm56.html show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2025-02-15 11:50:20 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.232.121 2025-02-15T11:56:54+01 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 45.148.232.121 2025-02-15T11:56:54+01:00 vpn Access-Reject 'tropicalize' station: 45.148.232.121 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇸🇪 OnTheEdge	2025-02-15 05:56:49 (1 year ago)	Password spraying. Multiple unauthorized login attempts	Hacking Web App Attack
🇷🇺 sms.ru	2024-09-30 00:35:06 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇪🇸 el-brujo	2024-06-09 21:23:00 (1 year ago)	DDoS Attack Layer 7 - REQUESTS / HTTP/2.0	DDoS Attack
🇺🇸 TPI-Abuse	2024-06-02 13:49:07 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 45.148.232.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 45.148.232.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 02 09:49:01.253329 2024] [security2:error] [pid 2658977] [client 45.148.232.121:47691] [client 45.148.232.121] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|intervinum.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "intervinum.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Zlx4TXBTQJJbMeedsTj8-wAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-11 21:53:07 (2 years ago)	opencart admin attack from fail2ban ...	DDoS Attack Brute-Force SSH
🇳🇱 xyz.rip	2022-02-16 03:38:58 (4 years ago)	Magento Bruteforce Attempt...	Brute-Force Web App Attack

Showing 1 to 15 of 159 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 199.231.163.19

🇺🇸 184.105.247.224

🇺🇸 140.235.17.65

🇫🇷 109.9.44.89

🇳🇱 104.239.110.117

🇷🇴 80.94.92.184

🇦🇿 188.227.222.88

🇳🇱 185.223.235.54

🇩🇪 185.220.101.160

🇺🇸 172.253.86.16

🇭🇰 144.48.8.86

🇩🇪 81.90.28.175

🇦🇪 46.245.238.18

🇺🇸 3.93.176.174

🇺🇸 2607:f8b0:4001:c61::12c

🇺🇸 205.185.120.156

🇧🇴 200.105.172.184

🇹🇳 197.26.179.93

🇩🇪 164.92.176.43

🇳🇱 129.121.88.64