JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.159.20.152

45.159.20.152 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 19%: ?

19%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Newark, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.159.20.152

Whois 45.159.20.152

IP Abuse Reports for 45.159.20.152:

This IP address has been reported a total of 18 times from 13 distinct sources. 45.159.20.152 was first reported on June 3rd 2022, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 [email protected]	2026-05-18 08:54:29 (1 month ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-login.php	Web App Attack
🇺🇸 octageeks.com	2026-05-11 04:06:48 (1 month ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇩🇪 LRob.fr	2026-05-03 19:00:13 (1 month ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇨🇭 backslash	2026-05-01 12:03:00 (1 month ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇨🇿 ptlab	2026-04-27 12:46:20 (1 month ago)	Detected wp_login attack from WP-host.	Hacking Web App Attack
🇩🇪 LRob.fr	2026-04-25 10:45:19 (1 month ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 4server	2026-04-25 05:46:13 (1 month ago)	[SatApr2507:46:08.5409652026][security2:error][pid368247:tid368344][client45.159.20.152:0]ModSecurit ... show more [SatApr2507:46:08.5409652026][security2:error][pid368247:tid368344][client45.159.20.152:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"xmlrpc\\\\\\\\.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_rules/03_asl_dos.conf\"][line\"65\"][id\"392331\"][rev\"3\"][msg\"Atomicorp.comWAFRules:xmlrpcDOSattack\"][severity\"CRITICAL\"][hostname\"dgtime.ch\"][uri\"/xmlrpc.php\"][unique_id\"aexVIIRtSDa62VsLxQQO3gAAAUI\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-18 21:29:54 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 45.159.20.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.20.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 18 17:29:50.209080 2026] [security2:error] [pid 422:tid 422] [client 45.159.20.152:36927] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|esad.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "esad.com"] [uri "/wp-json/wp/v2/users"] [unique_id "absZTlJRc5uUZ_AQJ_GujwAAABI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-12 00:32:06 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.159.20.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.20.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 11 20:32:02.003520 2025] [security2:error] [pid 17136:tid 17136] [client 45.159.20.152:14861] [client 45.159.20.152] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dvdmasters.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dvdmasters.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_m0gsc-tQGhu8c7VbiFdwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-10 11:43:02 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.159.20.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.20.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 10 07:42:58.289839 2025] [security2:error] [pid 15053:tid 15071] [client 45.159.20.152:50323] [client 45.159.20.152] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|eceinal.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eceinal.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_euwuY4tbCmp1BUibuUgAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-09 12:33:10 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.159.20.152 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.20.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 08:33:06.515265 2025] [security2:error] [pid 19571:tid 19571] [client 45.159.20.152:17617] [client 45.159.20.152] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|difusionens.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "difusionens.org"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_ZpAlYFe5cuWOMbI4P_4wAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 OnTheEdge	2025-02-12 09:42:29 (1 year ago)	Password spraying. Multiple unauthorized login attempts	Hacking Web App Attack
🇨🇿 lp	2025-02-06 16:21:13 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 45.159.20.152 2025-02-06T16:11:50+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 45.159.20.152 2025-02-06T16:11:50+01:00 vpn Access-Reject 'nbaquanxunwang' station: 45.159.20.152 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇦 Mediashaker	2024-12-26 12:36:24 (1 year ago)	(smtpauth) Failed SMTP AUTH login from 45.159.20.152 (US/United States/-)	Brute-Force
Anonymous	2024-03-31 08:59:14 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_MODSEC	Brute-Force SSH

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 182.190.216.2

🇧🇩 114.130.85.36

🇨🇳 101.96.225.252

🇫🇷 85.217.140.44

🇩🇪 69.5.169.77

🇷🇺 193.232.59.134

🇧🇷 179.199.181.4

🇮🇳 175.101.131.169

🇺🇸 172.70.231.100

🇧🇷 168.227.61.17

🇮🇳 103.86.180.10

🇩🇪 82.115.21.249

🇷🇺 193.232.59.76

🇳🇱 185.213.175.37

🇷🇺 178.178.222.53

🇺🇸 167.99.54.222

🇩🇪 165.227.159.13

🇩🇪 164.92.161.148

🇺🇸 162.216.149.140

🇬🇧 151.227.31.195