JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.159.20.105

45.159.20.105 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 12%: ?

12%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Newark, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.159.20.105

Whois 45.159.20.105

IP Abuse Reports for 45.159.20.105:

This IP address has been reported a total of 17 times from 11 distinct sources. 45.159.20.105 was first reported on February 6th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-05-06 15:36:42 (1 month ago)	Web password guessing	Brute-Force
🇺🇸 NicoID	2026-05-01 00:15:21 (1 month ago)	45.159.20.105 - - [30/Apr/2026:15:40:18 -0600] "GET /wp-login.php HTTP/1.1" 200 4884 "https://www.go ... show more 45.159.20.105 - - [30/Apr/2026:15:40:18 -0600] "GET /wp-login.php HTTP/1.1" 200 4884 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 kosada.com	2026-04-25 13:20:41 (1 month ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-04-24 15:45:24 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 45.159.20.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.20.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 24 11:45:19.417743 2026] [security2:error] [pid 7943:tid 7943] [client 45.159.20.105:12403] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeuQD3SOwdqiWX3T5GcSwwAAAA4"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-21 01:27:47 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 45.159.20.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.20.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 21:27:41.176176 2026] [security2:error] [pid 2077238:tid 2077238] [client 45.159.20.105:23351] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|televisonic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "televisonic.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aebSja5h36FAn6kqO570eAAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 bazter.pro	2026-03-24 22:12:48 (2 months ago)	Auto-Ban [2026-03-25 00:12:44]: CRITICAL: Sensitive files (2); DC: FINE GROUP SERVERS SOLUTIONS LLC ... show more Auto-Ban [2026-03-25 00:12:44]: CRITICAL: Sensitive files (2); DC: FINE GROUP SERVERS SOLUTIONS LLC [Paths: 2] \| Details: Sensitive files/paths: /xmlrpc.php, /xmlrpc.php \| Other paths: /xmlrpc.php, /wp-login.php show less	Web App Attack Hacking
Anonymous	2026-03-18 21:39:37 (2 months ago)	FPROCO WEBEXPLOIT 45.159.20.105 (45.159.20.105)	Web App Attack
🇺🇸 TPI-Abuse	2026-01-23 00:44:38 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 45.159.20.105 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.20.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 19:44:03.071772 2026] [security2:error] [pid 4110046:tid 4110145] [client 45.159.20.105:55083] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|michaelrandon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "michaelrandon.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aXLEU3_svJsFLArIkufkPgAAARE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-01-21 08:53:31 (4 months ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 kosada.com	2025-10-06 01:47:05 (8 months ago)	Web password guessing	Brute-Force
Anonymous	2025-10-05 15:46:31 (8 months ago)	Attempted WordPress login: 45.159.20.105 - - [05/Oct/2025:16:46:30 +0100] "GET /wp-login.php HTTP/1 ... show more Attempted WordPress login: 45.159.20.105 - - [05/Oct/2025:16:46:30 +0100] "GET /wp-login.php HTTP/1.1" 200 234 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.2" show less	Hacking Web App Attack
🇬🇧 SilverZippo	2025-10-03 22:38:47 (8 months ago)	Web App Attack	Web App Attack
🇨🇿 lp	2025-08-16 22:52:09 (9 months ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 45.159.20.105 2025-08-16T23:34:58+02: ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 45.159.20.105 2025-08-16T23:34:58+02:00 vpn Access-Reject 'payuka' station: 45.159.20.105 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-16T23:38:34+02:00 vpn Access-Reject 'peropo' station: 45.159.20.105 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
Anonymous	2025-03-30 13:31:56 (1 year ago)	This IP was involved in an brute force and password spray attack on 2025/03/30 08:29:46	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-03-28 15:46:33 (1 year ago)	This IP was involved in an brute force and password spray attack on 2025/03/28 08:23:17	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 217.145.72.199

🇸🇪 83.177.240.110

🇮🇶 65.20.187.47

🇨🇳 180.167.128.203

🇸🇪 171.25.158.47

🇨🇦 148.113.128.91

🇺🇸 129.212.183.98

🇷🇴 92.118.39.236

🇲🇩 91.208.184.96

🇷🇴 80.94.92.171

🇳🇱 64.89.162.78

🇧🇷 45.205.1.197

🇨🇦 45.194.92.26

🇨🇦 20.151.14.182

🇺🇸 2602:80d:1008::8f

🇳🇱 204.76.203.51

🇭🇰 47.243.174.183

🇧🇷 187.45.57.5

🇸🇬 172.253.236.218

🇮🇩 103.135.215.10