JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.148.232.22

45.148.232.22 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.148.232.22

Whois 45.148.232.22

IP Abuse Reports for 45.148.232.22:

This IP address has been reported a total of 147 times from 14 distinct sources. 45.148.232.22 was first reported on November 23rd 2020, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-12-15 23:21:10 (5 months ago)	Forum/form spam	Web Spam
🇬🇧 relianoid.com	2025-10-19 09:25:30 (7 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇳🇱 exxos	2025-10-15 19:03:01 (7 months ago)	Attacks with Bad user agents	Hacking
Anonymous	2025-06-15 13:40:27 (11 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-03-17 23:16:31 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 45.148.232.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211120) triggered by 45.148.232.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 17 19:16:25.924036 2025] [security2:error] [pid 12754:tid 12754] [client 45.148.232.22:21043] [client 45.148.232.22] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|areafinancieratf.com\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/canto/includes/lib/download.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "areafinancieratf.com"] [uri "/wp-content/plugins/canto/includes/lib/download.php"] [unique_id "Z9itSTf7x-EIoFmi6fVMWgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 hostseries	2025-03-12 01:45:22 (1 year ago)	Brute-force cPanel Services	Brute-Force
🇺🇸 hostseries	2025-03-10 17:28:15 (1 year ago)	Brute-force cPanel Services	Brute-Force
🇧🇷 hostseries	2025-03-10 00:00:00 (1 year ago)	Brute-force cPanel Services	Brute-Force
🇺🇸 TPI-Abuse	2025-03-08 13:09:56 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 45.148.232.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211120) triggered by 45.148.232.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 08 08:09:50.519707 2025] [security2:error] [pid 1313164:tid 1313164] [client 45.148.232.22:31817] [client 45.148.232.22] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|321q.com\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/all-in-one-seo-pack/classes/aiosp.class.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "321q.com"] [uri "/wp-content/plugins/all-in-one-seo-pack/classes/aiosp.class.php"] [unique_id "Z8xBnt4_UhwjHwLoODARpgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-02 20:47:43 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.148.232.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.148.232.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 02 15:47:40.038015 2025] [security2:error] [pid 18900:tid 18900] [client 45.148.232.22:42061] [client 45.148.232.22] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gridentity.com"] [uri "/.env"] [unique_id "Z8TD7AvxkpSARc5ZWyyeHgAAAAI"], referer: https://tasamm.com/about/ggg36.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-28 05:30:33 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 45.148.232.22 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211120) triggered by 45.148.232.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 00:30:29.965718 2025] [security2:error] [pid 953:tid 953] [client 45.148.232.22:25301] [client 45.148.232.22] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|www.sigrc.org\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/canto/includes/lib/download.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sigrc.org"] [uri "/wp-content/plugins/canto/includes/lib/download.php"] [unique_id "Z8FJ9d7wxJ3SNsMIIZG2yQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2023-05-04 10:16:31 (3 years ago)	Distributed DDOS attempts for multiple sites	DDoS Attack Bad Web Bot
🇪🇸 10dencehispahard SL	2023-03-24 08:26:00 (3 years ago)	Unauthorized login attempts [{'wordpress'}]	Brute-Force Web App Attack
🇺🇸 mnsf	2023-03-17 15:04:12 (3 years ago)	Login Too Frequent (6)	Brute-Force Web App Attack
🇯🇵 HeliJP	2022-09-29 11:23:29 (3 years ago)	2022-09-29 11:25:08 - Recognized attacks\bad behavior from IP address 45.148.232.22 on port 443\80 ( ... show more 2022-09-29 11:25:08 - Recognized attacks\bad behavior from IP address 45.148.232.22 on port 443\80 (50 daily hits): Remote Command Execution: Windows Command Injection, Remote Command Execution: Wildcard bypass technique attempt, RCE Bypass Technique, PHP Injection Attack: High-Risk PHP Function Call Found, SQL Injection Attack Detected via libinjection, SQL Injection Attack: SQL Operator Detected, SQL Injection Attack: SQL Tautology Detected, SQL Injection Attack, Detects MySQL comments, conditions and ch(a)r injections, Detects chained SQL injection attempts 2/2, Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12), SQL Comment Sequence Detected show less	Hacking SQL Injection Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇧🇷 168.228.222.4

🇰🇷 118.194.249.8

🇮🇳 103.163.44.10

🇷🇺 89.169.48.41

🇸🇪 85.24.223.224

🇺🇸 52.153.130.74

🇶🇦 2600:1900:4260:40e::e3

🇲🇽 201.140.123.130

🇨🇳 115.190.203.239

🇸🇬 103.189.234.253

🇮🇳 103.21.79.242

🇺🇸 66.132.172.187

🇲🇾 47.250.36.126

🇸🇬 47.128.61.23

🇸🇬 104.233.44.218

🇺🇸 64.95.14.254

🇦🇺 58.6.206.239

🇷🇺 213.180.203.87

🇧🇷 177.118.63.201