JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.159.23.101

45.159.23.101 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 23%: ?

23%

ISP	Atlas Network Holdings LLC
Usage Type	Fixed Line ISP
ASN	AS213954
Domain Name	atlasnetworkholdings.online
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.159.23.101

Whois 45.159.23.101

IP Abuse Reports for 45.159.23.101:

This IP address has been reported a total of 18 times from 9 distinct sources. 45.159.23.101 was first reported on January 19th 2022, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 JimArchon72	2026-06-01 21:30:01 (5 days ago)	2026/06/01 21:26:15 "GET /wp-admin/ HTTP/1.1"	Web App Attack
🇫🇷 Baking333	2026-05-24 10:26:46 (1 week ago)	[redacted] 45.159.23.101 - - [24/May/2026:11:26:40 +0100] "GET /[redacted] HTTP/1.1" 302 1517 1/1248 ... show more [redacted] 45.159.23.101 - - [24/May/2026:11:26:40 +0100] "GET /[redacted] HTTP/1.1" 302 1517 1/1248209 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" [redacted] 45.159.23.101 - - [24/May/2026:11:26:43 +0100] "GET /[redacted] HTTP/1.1" 302 1517 0/171054 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-05-19 13:40:16 (2 weeks ago)	Fail2Ban banned 45.159.23.101 for security violations in jail wp-armour. Log: 2026/05/19 13:40:15 [e ... show more Fail2Ban banned 45.159.23.101 for security violations in jail wp-armour. Log: 2026/05/19 13:40:15 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 45.159.23.101 \| Target: wplogin" , client: 45.159.23.101, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "http://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-05-16 23:50:17 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 45.159.23.101 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.159.23.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 19:50:10.034469 2026] [security2:error] [pid 20878:tid 20878] [client 45.159.23.101:63407] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Bristol II/Stetson Bordeaux/Thumbs.db"] [unique_id "agkCsZsRLDhUcP1eBS9ROQAAAAA"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Bristol%20II/Stetson%20Bordeaux/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-14 12:11:18 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 45.159.23.101 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.159.23.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 08:11:14.903927 2026] [security2:error] [pid 20634:tid 20634] [client 45.159.23.101:27425] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Golden-Technologies/pics/Golden Technologies 2009 Marketing CD/Golden Logos and Graphics/Thumbs.db"] [unique_id "abVQYn8Q0h-0YsyVTan5SQAAAA0"], referer: https://vitalitywebb.com/backstore/Golden-Technologies/pics/Golden%20Technologies%202009%20Marketing%20CD/Golden%20Logos%20and%20Graphics/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-03-12 01:57:01 (2 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇩🇪 HandyTreff.de	2026-03-09 13:12:52 (2 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -24.043 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -24.043 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.1085.1 show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-16 21:52:14 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 45.159.23.101 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 45.159.23.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 16 17:52:11.163827 2025] [security2:error] [pid 18909:tid 18909] [client 45.159.23.101:39699] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|aimer.es\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "aimer.es"] [uri "/"] [unique_id "aPFpC0fopFNAc5CDD3O8AQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-15 09:42:21 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 45.159.23.101 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 45.159.23.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 15 05:42:16.359124 2025] [security2:error] [pid 24915:tid 24915] [client 45.159.23.101:57195] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|digitview.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "digitview.com"] [uri "/"] [unique_id "aO9seJ-oIvFVgNhSGOEKYgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2025-08-19 21:24:09 (9 months ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 45.159.23.101 2025-08-19T22:24:42+02: ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 45.159.23.101 2025-08-19T22:24:42+02:00 vpn Access-Reject 'superuser' station: 45.159.23.101 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-19T22:25:56+02:00 vpn Access-Reject 'pricer' station: 45.159.23.101 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-08-18 13:50:28 (9 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 45.159.23.101 2025-08-18T15:04:15+02: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 45.159.23.101 2025-08-18T15:04:15+02:00 vpn Access-Reject 'security' station: 45.159.23.101 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-08-17 13:50:46 (9 months ago)	Unauthorized VPN login attempts: 4 attempts were recorded from 45.159.23.101 2025-08-17T15:32:53+02: ... show more Unauthorized VPN login attempts: 4 attempts were recorded from 45.159.23.101 2025-08-17T15:32:53+02:00 vpn Access-Reject 'dking' station: 45.159.23.101 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-17T15:34:09+02:00 vpn Access-Reject 'scooper' station: 45.159.23.101 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-17T15:35:18+02:00 vpn Access-Reject 'csanchez' station: 45.159.23.101 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-08-17T15:35:48+02:00 vpn Access-Reject 'kedwards' station: 45.159.23.101 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 45.159.23.101	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 45.159.23.101	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 45.159.23.101	DDoS Attack Brute-Force Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.226

🇩🇪 172.71.148.25

🇷🇴 92.118.39.62

🇩🇪 46.249.99.46

🇱🇰 203.94.69.234

🇹🇼 198.235.24.51

🇭🇰 185.239.84.249

🇺🇸 162.216.150.65

🇺🇸 147.182.183.153

🇺🇸 66.92.198.194

🇰🇷 221.167.50.229

🇧🇷 205.210.31.250

🇲🇽 187.171.89.181

🇮🇳 182.18.180.44

🇩🇪 81.90.28.175

🇨🇳 43.140.252.89

🇧🇪 34.38.104.184

🇧🇷 177.23.238.116

🇺🇸 146.88.241.165

🇮🇳 143.110.183.139