JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.159.22.28

45.159.22.28 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 20%: ?

20%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Vantaa, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.159.22.28

Whois 45.159.22.28

IP Abuse Reports for 45.159.22.28:

This IP address has been reported a total of 15 times from 13 distinct sources. 45.159.22.28 was first reported on November 16th 2021, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 securejdprop	2026-06-08 04:48:18 (5 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing. Ip 45.159.22 ... show more This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing. Ip 45.159.22.28 performed 'crowdsecurity/http-admin-interface-probing' (3 events over 2.226406553s) at 2026-06-08 04:48:17.879266272 +0000 UTC show less	Hacking Web App Attack
🇫🇷 tilellit.pro	2026-05-22 03:54:32 (3 weeks ago)	Fail2Ban banned 45.159.22.28 for security violations in jail wp-armour. Log: 2026/05/22 03:54:32 [er ... show more Fail2Ban banned 45.159.22.28 for security violations in jail wp-armour. Log: 2026/05/22 03:54:32 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 45.159.22.28 \| Target: wplogin" , client: 45.159.22.28, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 ctrlpew	2026-05-19 01:01:09 (3 weeks ago)	WordPress login brute-force botnet targeting ctrlpew.com. Distributed IPs cycling every 3 seconds wi ... show more WordPress login brute-force botnet targeting ctrlpew.com. Distributed IPs cycling every 3 seconds with UA rotation. All attempts against non-existent usernames. 2026-05-18. show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-08 16:53:10 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 45.159.22.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.159.22.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 12:53:04.522908 2026] [security2:error] [pid 12412:tid 12412] [client 45.159.22.28:25497] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|goglobex.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "goglobex.com"] [uri "/wp-json/wp/v2/users"] [unique_id "af4U8FRX5bYJoCL_SxzNKgAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 05:50:58 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 45.159.22.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.159.22.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 01:50:51.857481 2026] [security2:error] [pid 5446:tid 5446] [client 45.159.22.28:12667] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sahinozalit.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sahinozalit.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae75O-o-pO28UUgRc2Ig0wAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2026-04-11 21:16:33 (2 months ago)	Web App Attack	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-10 14:34:42 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇨🇿 lp	2025-03-20 16:29:10 (1 year ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 45.159.22.28 2025-03-20T16:20:46+01:0 ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 45.159.22.28 2025-03-20T16:20:46+01:00 vpn Access-Reject 'fuzznuts' station: 45.159.22.28 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-03-20T16:21:53+01:00 vpn Access-Reject 'ggreen' station: 45.159.22.28 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-03-10 20:37:03 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.159.22.28 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.159.22.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 10 16:36:59.304541 2025] [security2:error] [pid 7580:tid 7580] [client 45.159.22.28:47171] [client 45.159.22.28] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nesetsv.com"] [uri "/.env"] [unique_id "Z89Na51nX5b9twelL6nX7QAAAAM"], referer: https://tasamm.com/about/mmm231.html show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2024-09-21 06:15:07 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇺🇸 Yawning Angel	2024-08-27 21:51:12 (1 year ago)	logdesc=SSL VPN login fail user=bulletin remip=45.159.22.28 reason=sslvpn_login_permission_denied	Hacking Brute-Force
Anonymous	2024-05-24 06:16:54 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2023-07-21 19:52:57 (2 years ago)	Intrusion Detect. SQL injection attempts with URL.	Hacking SQL Injection Web App Attack
🇨🇭 backslash	2023-07-21 11:06:48 (2 years ago)		Web App Attack
🇺🇸 TheMadBeaker	2021-11-16 10:11:15 (4 years ago)	Fail2Ban Ban Triggered Wordpress Attack Attempt	Brute-Force Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 198.46.168.51

🇳🇱 195.242.118.208

🇺🇸 152.32.236.17

🇨🇷 143.202.162.180

🇨🇳 115.191.34.255

🇺🇸 66.132.172.51

🇬🇧 35.203.210.80

🇧🇷 191.235.101.61

🇮🇩 139.255.97.116

🇺🇸 136.116.198.170

🇺🇸 104.243.35.104

🇭🇰 103.43.191.43

🇳🇱 45.148.10.121

🇦🇱 45.67.0.73

🇷🇴 2.57.121.25

🇺🇸 172.253.251.55

🇵🇰 154.208.54.50

🇸🇦 141.179.25.176

🇺🇸 40.124.173.224

🇸🇬 23.111.14.190