JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.166.100.15

45.166.100.15 was found in our database!

This IP was reported 77 times. Confidence of Abuse is 100%: ?

100%

ISP	AG HOLDINGS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS28546
Hostname(s)	pbx-labdiagnomo.serv.net.mx
Domain Name	agholdings.mx
Country	🇲🇽 Mexico
City	Mexico City, Mexico City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.166.100.15

Whois 45.166.100.15

IP Abuse Reports for 45.166.100.15:

This IP address has been reported a total of 77 times from 61 distinct sources. 45.166.100.15 was first reported on June 11th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-06-13 10:20:58 (2 hours ago)	Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 45.166.100.15 - - [13/Jun/2026:07:20:47 -0300] "GET ... show more Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 45.166.100.15 - - [13/Jun/2026:07:20:47 -0300] "GET /admin/config.php HTTP/1.0" 404 414 show less	Bad Web Bot
🇧🇷 diego	2026-06-13 10:18:08 (2 hours ago)	[arem1] 2026-06-13 09:59:20, Client: 45.166.100.15, Protocol: 6, Unauthorized activity to HTTP: GET ... show more [arem1] 2026-06-13 09:59:20, Client: 45.166.100.15, Protocol: 6, Unauthorized activity to HTTP: GET /admin/config.php show less	Web App Attack
Anonymous	2026-06-13 09:54:17 (2 hours ago)	Reported from Nginx log analysis 19. Log: 45.166.100.15 - - [13/Jun/2026:xx:xx:xx 0200] "GET / HTTP ... show more Reported from Nginx log analysis 19. Log: 45.166.100.15 - - [13/Jun/2026:xx:xx:xx 0200] "GET / HTTP/1.0" xxx xxx "-" "ivre-masscan/1.3 https://github.com/robertdavidgraham/" "-" "MX Mexico El Pueblito" "AS28546" "Servnet Mexico, S.A. de C.V." show less	Port Scan Brute-Force SSH
🇮🇹 Progetto1	2026-06-13 09:45:03 (3 hours ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇧🇷 diego	2026-06-13 09:15:20 (3 hours ago)	[probe-44-49] 2026-06-13 08:57:13, Client: 45.166.100.15, Protocol: 6, Unauthorized activity to HTTP ... show more [probe-44-49] 2026-06-13 08:57:13, Client: 45.166.100.15, Protocol: 6, Unauthorized activity to HTTP: GET /admin/config.php show less	Web App Attack
🇺🇸 mccsoft.io	2026-06-13 08:54:55 (3 hours ago)	Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). So ... show more Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). Source matched a blocked-path security rule (jail nginx-444); server returned HTTP 444 (connection closed without response). TCP three-way handshake completed (full HTTP request received). show less	Bad Web Bot Web App Attack
🇨🇳 Peter Yu	2026-06-13 08:54:20 (3 hours ago)		Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-13 08:39:04 (4 hours ago)	385 requests with url.path *config.php	Brute-Force Bad Web Bot
🇧🇷 diego	2026-06-13 08:20:20 (4 hours ago)	[probe-44-49] 2026-06-13 08:04:30, Client: 45.166.100.15, Protocol: 6, Unauthorized activity to HTTP ... show more [probe-44-49] 2026-06-13 08:04:30, Client: 45.166.100.15, Protocol: 6, Unauthorized activity to HTTP: GET /admin/config.php show less	Web App Attack
Anonymous	2026-06-13 08:07:45 (4 hours ago)	Unauthorised traffic to honeypot	Port Scan
🇧🇷 diego	2026-06-13 07:55:19 (4 hours ago)	[probe-168-134] 2026-06-13 07:37:34, Client: 45.166.100.15, Protocol: 6, Unauthorized activity to HT ... show more [probe-168-134] 2026-06-13 07:37:34, Client: 45.166.100.15, Protocol: 6, Unauthorized activity to HTTP: GET /admin/config.php show less	Web App Attack
Anonymous	2026-06-13 07:54:53 (4 hours ago)	45.166.100.15 - - [13/Jun/2026:07:54:52 +0000] "GET /admin/config.php HTTP/1.0" 404 153 "-" "xfa1" " ... show more 45.166.100.15 - - [13/Jun/2026:07:54:52 +0000] "GET /admin/config.php HTTP/1.0" 404 153 "-" "xfa1" "-" "localhost" ... show less	Hacking Bad Web Bot Web App Attack
🇩🇪 langenkamp-media	2026-06-13 07:52:56 (4 hours ago)	Fail2Ban: Banned from jail nginx-nohome on 3dausdu.de	Web App Attack
🇩🇪 D3vNu11	2026-06-13 07:46:19 (4 hours ago)	Level: (LOW): Known Attacker via CitrixHoneypot IOC Country: Mexico 1x -> Target Country: Finnland H ... show more Level: (LOW): Known Attacker via CitrixHoneypot IOC Country: Mexico 1x -> Target Country: Finnland HTTPS show less	Hacking Web App Attack
🇮🇩 hermawan	2026-06-13 07:45:03 (5 hours ago)	06/13/2026-14:45:00.406534 [Drop] [] [1:2100002414:0] Suricata match TLS ja3 scan Uniq Zeek no 24 ... show more 06/13/2026-14:45:00.406534 [Drop] [] [1:2100002414:0] Suricata match TLS ja3 scan Uniq Zeek no 2414 with hash_t13i970900_21fe6ccd8ec5_5fb67df6121e [**] [Classification: (null)] [Priority: 3] {TCP} 45.166.100.15:61001 -> 103.166.156.58:443 ... show less	Email Spam Hacking

Showing 1 to 15 of 77 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.250

🇷🇺 213.234.5.66

🇰🇷 183.109.69.122

🇨🇴 181.63.178.75

🇬🇧 178.62.89.9

🇮🇹 176.207.179.73

🇩🇿 129.45.84.205

🇮🇹 87.4.233.16

🇺🇸 66.132.172.224

🇺🇸 20.15.163.139

🇺🇸 2607:f8b0:4001:c2b::12a

🇺🇸 216.25.89.145

🇩🇪 212.227.140.112

🇺🇸 185.191.171.15

🇺🇸 162.216.149.86

🇩🇪 138.201.82.103

🇺🇸 104.197.18.59

🇱🇾 102.213.229.240

🇸🇪 95.203.26.57

🇸🇪 78.69.184.105