JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.66.208.202

45.66.208.202 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 17%: ?

17%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.66.208.202

Whois 45.66.208.202

IP Abuse Reports for 45.66.208.202:

This IP address has been reported a total of 25 times from 14 distinct sources. 45.66.208.202 was first reported on May 28th 2021, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-05-30 18:08:21 (1 week ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-05-11 05:48:26 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 01:48:19.510577 2026] [security2:error] [pid 21569:tid 21569] [client 45.66.208.202:62511] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|paintriver.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "paintriver.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agFto4dXUZAHEEttBT1WrAAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-05-02 05:20:10 (1 month ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇩🇪 hchristo	2026-01-18 04:44:23 (4 months ago)	[Sun Jan 18 05:44:18.175134 2026] [access_compat:error] [pid 51053:tid 51127] [client 45.66.208.202: ... show more [Sun Jan 18 05:44:18.175134 2026] [access_compat:error] [pid 51053:tid 51127] [client 45.66.208.202:39673] AH01797: client denied by server configuration: /var/www/kd1130/htdocs/Sandras-Abnehmblog.de/xmlrpc.php [Sun Jan 18 05:44:19.360897 2026] [access_compat:error] [pid 51053:tid 51144] [client 45.66.208.202:58669] AH01797: client denied by server configuration: /var/www/kd1130/htdocs/Sandras-Abnehmblog.de/xmlrpc.php [Sun Jan 18 05:44:20.561473 2026] [access_compat:error] [pid 51053:tid 51135] [client 45.66.208.202:40797] AH01797: client denied by server configuration: /var/www/kd1130/htdocs/Sandras-Abnehmblog.de/xmlrpc.php [Sun Jan 18 05:44:21.737010 2026] [access_compat:error] [pid 51053:tid 51146] [client 45.66.208.202:35973] AH01797: client denied by server configuration: /var/www/kd1130/htdocs/Sandras-Abnehmblog.de/xmlrpc.php [Sun Jan 18 05:44:22.936952 2026] [access_compat:error] [pid 51053:tid 51109] [client 45.66.208.202:26243] AH01797: client denied by server configuration: / ... show less	Brute-Force
🇮🇹 VHosting	2026-01-18 01:40:05 (4 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-01-17 19:50:16 (4 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 F242	2026-01-17 19:46:05 (4 months ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 TPI-Abuse	2025-03-10 04:26:25 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 10 00:26:21.254890 2025] [security2:error] [pid 2536:tid 2536] [client 45.66.208.202:27821] [client 45.66.208.202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "markaandrews.com"] [uri "/.env"] [unique_id "Z85p7SOtlwvKtZKjKqI3IwAAAAA"], referer: https://tasamm.com/about/mmm139.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-09 19:54:30 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 09 15:54:24.044541 2025] [security2:error] [pid 5421:tid 5421] [client 45.66.208.202:22245] [client 45.66.208.202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mazzaro.chevronparkett.com"] [uri "/.env"] [unique_id "Z83x8AVjrjriNYjWfYyMDAAAABA"], referer: https://tasamm.com/about/mmm148.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-08 10:07:48 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 08 05:07:42.420270 2025] [security2:error] [pid 1091150:tid 1091150] [client 45.66.208.202:31675] [client 45.66.208.202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "linearconceptsllc.com"] [uri "/.env"] [unique_id "Z8wW7p6DEc7vDna_lUgdRgAAAA0"], referer: https://tasamm.com/about/ggg267.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-20 22:05:04 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 20 17:04:57.605315 2025] [security2:error] [pid 9621:tid 9765] [client 45.66.208.202:47291] [client 45.66.208.202] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "condobudget.com"] [uri "/.env"] [unique_id "Z7enCXxnHkZ5jHrsktaR2wAAAJY"], referer: https://tasamm.com/about/ccc72.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-01-03 14:35:25 (1 year ago)	(mod_security) mod_security (id:210350) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 45.66.208.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 03 09:35:16.861230 2025] [security2:error] [pid 9198:tid 9198] [client 45.66.208.202:58821] [client 45.66.208.202] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|portalvasco.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "portalvasco.com"] [uri "/blog/ficheros/manuales/drivecontroleng.pdf&sa=U&ved=2ahUKEwiTmKv6z9CKAxX6_rsIHZt1C5QQFnoECAQQAg&usg=AOvVaw30GyzoE1juAaExmnafl0U1"] [unique_id "Z3f1pI7UxhveFTwbNMLlWAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2024-09-28 03:10:07 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇪🇸 el-brujo	2024-06-09 21:23:00 (1 year ago)	DDoS Attack Layer 7 - REQUESTS / HTTP/2.0	DDoS Attack
🇩🇪 NxtGenIT	2024-05-29 07:45:30 (2 years ago)	45.66.208.202 has been observed attacking Port 1812. Observed Threat: RADIUS Login Brute Force Attem ... show more 45.66.208.202 has been observed attacking Port 1812. Observed Threat: RADIUS Login Brute Force Attempt show less	Brute-Force

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 192.42.116.55

🇨🇳 112.234.118.229

🇷🇺 88.205.172.170

🇱🇹 81.30.98.144

🇷🇴 80.94.92.167

🇺🇸 66.132.172.188

🇮🇩 34.128.77.56

🇺🇸 184.168.21.211

🇹🇱 180.189.174.146

🇮🇳 119.252.199.19

🇨🇳 42.56.138.241

🇺🇸 162.216.149.156

🇮🇳 106.219.217.119

🇨🇦 99.246.88.37

🇨🇳 60.205.248.70

🇺🇸 52.167.144.157

🇮🇩 210.79.142.221

🇲🇾 203.121.40.210

🇷🇺 188.242.54.195

🇮🇳 104.28.164.65