JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.159.21.128

45.159.21.128 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 18%: ?

18%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.159.21.128

Whois 45.159.21.128

IP Abuse Reports for 45.159.21.128:

This IP address has been reported a total of 10 times from 7 distinct sources. 45.159.21.128 was first reported on November 15th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 05:26:54 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 45.159.21.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.21.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 01:26:47.048871 2026] [security2:error] [pid 14326:tid 14326] [client 45.159.21.128:14535] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hvacmechanalysis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hvacmechanalysis.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aipHF4kxldhZPg1oGgFuQQAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-11 02:19:48 (1 week ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 06:38:13 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 45.159.21.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.21.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:38:09.179416 2026] [security2:error] [pid 4299:tid 4299] [client 45.159.21.128:62651] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rcjav.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rcjav.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aie00WPw_WfETzTJTSEVjQAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-18 13:49:52 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 45.159.21.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.21.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 09:49:45.617798 2026] [security2:error] [pid 19737:tid 19737] [client 45.159.21.128:52405] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|aprilparks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aprilparks.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agsY-W4VUmBLERT9EjssvgAAABE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 inlink.ltd	2026-05-17 19:30:11 (1 month ago)	Known malicious PHP file or CMS probe	Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 11:29:48 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 45.159.21.128 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.159.21.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 07:29:40.152493 2026] [security2:error] [pid 8982:tid 8982] [client 45.159.21.128:30505] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|imagineyourphotos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "imagineyourphotos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agMPJLKIEKrkXfrsm5448QAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2024-12-16 13:53:42 (1 year ago)	Form spam	Web Spam
Anonymous	2023-07-21 19:52:33 (2 years ago)	Intrusion Detect. SQL injection attempts with URL.	Hacking SQL Injection Web App Attack
🇨🇭 backslash	2023-07-21 09:44:48 (2 years ago)		Web App Attack
🇦🇺 nyclee.net	2022-11-15 23:59:19 (3 years ago)	Bot accessing HONEYPOT. Sending POST and/or probe .env, etc	Web Spam Hacking

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.38.142.21

🇭🇰 199.45.154.183

🇬🇧 193.163.125.224

🇺🇸 192.200.149.147

🇺🇸 162.216.150.222

🇺🇸 135.237.126.73

🇮🇷 91.239.192.143

🇺🇸 74.7.241.47

🇩🇪 69.5.169.64

🇬🇧 35.203.211.76

🇩🇪 194.187.176.9

🇷🇺 185.94.111.1

🇨🇳 171.111.218.2

🇨🇳 112.124.57.236

🇧🇩 103.252.127.203

🇮🇳 103.98.37.187

🇱🇻 95.182.80.111

🇺🇸 94.158.244.248

🇷🇴 80.94.92.166

🇩🇪 79.110.62.71