JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.156.114.37

45.156.114.37 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 8%: ?

ISP	Global Tech Distribution s.r.o.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200590
Domain Name	nls.kz
Country	🇰🇿 Kazakhstan
City	Almaty, Almaty

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.156.114.37

Whois 45.156.114.37

IP Abuse Reports for 45.156.114.37:

This IP address has been reported a total of 15 times from 13 distinct sources. 45.156.114.37 was first reported on September 13th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 expressremit	2026-05-14 23:17:24 (3 weeks ago)	Email spoofing: 1 attempts forging From: header of @expremit.com mailboxes. Sextortion / Bitcoin ext ... show more Email spoofing: 1 attempts forging From: header of @expremit.com mailboxes. Sextortion / Bitcoin extortion campaign. Crypto wallets in body: 0xb42b28fC4890aE540CFCb8e1992f3D27d5C5F8AF 1mk5dtgcanfym3zmccp5vqkg9ippz6n2qz 1MK5DtGcAnfym3zmCCp5VqkG9iPpz6N2qZ. show less	Email Spam Brute-Force
🇷🇸 Smel	2026-05-03 09:49:17 (1 month ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
🇳🇱 maxxsense	2026-03-28 01:55:19 (2 months ago)	45.156.114.37 (KZ/Kazakhstan/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
🇨🇦 polycoda	2026-03-18 11:34:24 (2 months ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
Anonymous	2026-01-11 23:21:59 (4 months ago)	Unauthorized connection to Telnet port 23	Port Scan
🇩🇪 bescared	2026-01-11 18:16:47 (4 months ago)	F2B - Malicious activity detected. Unauthorized connection attempt: Telnet.	Port Scan
🇨🇳 ThreatBook.io	2026-01-08 00:46:05 (5 months ago)	ThreatBook Intelligence: Zombie,Dynamic IP more details on https://threatbook.io/ip/45.156.114.37	SSH
🇧🇷 SOC Blue Team	2026-01-07 05:25:55 (5 months ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇺🇸 TPI-Abuse	2025-12-28 12:37:05 (5 months ago)	(mod_security) mod_security (id:210350) triggered by 45.156.114.37 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 45.156.114.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 07:36:48.699070 2025] [security2:error] [pid 6152:tid 6152] [client 45.156.114.37:17600] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.richardpastor.com.jpastorphotographics.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.richardpastor.com.jpastorphotographics.com"] [uri "/"] [unique_id "aVEkYJHFMwTwZtkNDYONYgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2025-12-18 04:32:03 (5 months ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇨🇭 backslash	2025-12-07 04:50:21 (6 months ago)	block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803	Bad Web Bot
Anonymous	2025-02-20 16:35:34 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-12-26 12:21:59 (1 year ago)	Ports: 143,993; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
Anonymous	2024-12-24 23:27:52 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇰 wnbhosting.dk	2024-09-13 07:25:25 (1 year ago)	WP xmlrpc [2024-09-13T09:25:25+02:00]	Hacking Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.48.153.92

🇺🇸 98.97.82.91

🇺🇸 74.208.181.231

🇩🇪 34.179.162.208

🇮🇳 34.131.50.17

🇧🇪 34.76.23.205

🇸🇬 8.222.235.69

🇧🇷 187.109.236.225

🇲🇳 180.149.125.205

🇳🇱 176.65.149.31

🇻🇳 123.21.14.98

🇹🇼 118.163.162.180

🇧🇷 179.82.243.242

🇺🇸 172.64.217.187

🇨🇳 111.113.88.130

🇺🇸 91.193.232.138

🇺🇸 91.193.232.133

🇷🇴 80.94.92.164

🇳🇱 45.154.98.217

🇺🇸 208.73.204.160