JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.66.209.56

45.66.209.56 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 22%: ?

22%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.66.209.56

Whois 45.66.209.56

IP Abuse Reports for 45.66.209.56:

This IP address has been reported a total of 18 times from 8 distinct sources. 45.66.209.56 was first reported on November 30th 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nationaleventpros.com	2026-06-15 00:08:08 (2 days ago)	WordPress login attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 07:23:17 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:23:10.278084 2026] [security2:error] [pid 29810:tid 29810] [client 45.66.209.56:51827] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|individualhealth.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "individualhealth.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aie_XlTFA0BwlsjZxbulLQAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-07 17:37:17 (1 week ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-06-02 14:03:02 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 10:02:54.693280 2026] [security2:error] [pid 5070:tid 5070] [client 45.66.209.56:18613] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|goldenvalley1.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "goldenvalley1.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah7ijgcCgoO7YYdPiY24wgAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 04:31:23 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 00:31:20.168082 2026] [security2:error] [pid 28129:tid 28155] [client 45.66.209.56:30645] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|martinbenes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "martinbenes.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahfFGIU_7eO-d9NOj81AggAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-25 05:25:56 (3 weeks ago)	Web password guessing	Brute-Force
🇺🇸 kosada.com	2026-05-13 15:26:01 (1 month ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-01-23 03:38:07 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 22:37:59.140086 2026] [security2:error] [pid 27521:tid 27521] [client 45.66.209.56:64337] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|westernmassaa.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "westernmassaa.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aXLtF4kmk9CfE58vXotRZQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-23 01:04:44 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 45.66.209.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 20:04:38.987409 2026] [security2:error] [pid 25786:tid 25786] [client 45.66.209.56:30445] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|freemanfoundationcle.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "freemanfoundationcle.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aXLJJhaQkLhZW7uF4YQ6QAAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 polycoda	2025-09-17 01:25:59 (9 months ago)	🔑 Wordpress login brute force attempt	Hacking Web App Attack
Anonymous	2025-02-26 00:54:33 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.02.26 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.02.26 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2024-09-24 06:16:56 (1 year ago)	GlobalProtect login attempts with user jnickens.	VPN IP Brute-Force
🇳🇱 Roderic	2023-04-08 15:55:33 (3 years ago)	(apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 45.66.209.56 (RU ... show more (apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 45.66.209.56 (RU/Russia/-) show less	Hacking
🇨🇭 backslash	2023-01-03 08:08:25 (3 years ago)	honeypot	Bad Web Bot
🇳🇱 Roderic	2022-07-21 01:31:38 (3 years ago)	(apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 45.66.209.56 (RU ... show more (apache-bow-document) Failed apache-bow-scanners trigger with match [redacted] from 45.66.209.56 (RU/Russia/-) show less	Hacking

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.140.91.221

🇹🇷 195.175.204.162

🇺🇸 172.253.1.28

🇺🇸 148.72.64.140

🇩🇪 87.106.210.86

🇨🇦 85.217.149.3

🇮🇳 20.204.136.58

🇨🇳 223.99.218.76

🇮🇳 182.95.223.50

🇮🇳 139.59.6.237

🇨🇳 117.188.21.202

🇬🇧 86.1.150.50

🇩🇪 64.89.163.145

🇳🇱 195.178.110.23

🇳🇱 178.16.53.230

🇨🇳 118.178.235.228

🇳🇱 77.83.39.42

🇳🇱 45.148.10.240

🇺🇸 45.45.237.214

🇹🇭 43.164.0.21