JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.86.201.59

45.86.201.59 was found in our database!

This IP was reported 76 times. Confidence of Abuse is 2%: ?

ISP	Panq B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206804
Domain Name	panq.nl
Country	🇮🇸 Iceland
City	Reykjavik, Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.86.201.59

Whois 45.86.201.59

IP Abuse Reports for 45.86.201.59:

This IP address has been reported a total of 76 times from 35 distinct sources. 45.86.201.59 was first reported on September 27th 2021, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Dave Hansen	2026-06-08 09:54:17 (5 days ago)	(mod_security) mod_security triggered on hostname [redacted] 45.86.201.59 (IS/Iceland/-)	SQL Injection
🇺🇸 r3versedk	2026-03-16 03:18:40 (2 months ago)	🛡️ Automated Threat Report from maxjensen.dk 🎯 Attack Type: Botnet Fingerprint 🚨 Severity: CRITICAL ... show more 🛡️ Automated Threat Report from maxjensen.dk 🎯 Attack Type: Botnet Fingerprint 🚨 Severity: CRITICAL 📊 Threat Score: 95/100 📈 Total Attacks: 411 (database verified, seen over today) 🔍 Peak Score: 95/100 🎯 Common Types: Botnet Fingerprint(1x) 🔍 Fingerprint: 9f96b00ce11bc787 🤖 AI/ML: 🤝 Multi-Model Consensus (neural-network, q-learning, gpt) - 🧠 NN (55%): block (99.8%) \| 🎮 QL (23%): block (75.0%) \| 🤖 Claude (23%): monitor (70.0%) \| ⚖️ dynamic+boosted weights... Detected: 2026-03-16T03:18:40.689Z show less	Bad Web Bot
🇺🇸 Penny Packer	2026-03-15 22:12:59 (2 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 10:21:31 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 45.86.201.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.86.201.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 06:21:25.678906 2026] [security2:error] [pid 14723:tid 14723] [client 45.86.201.59:50429] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|qualityelevatorcabs.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "qualityelevatorcabs.com"] [uri "/restore/wallet.dat"] [unique_id "aa_wpXE_jk8TOC8rgZqyVwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-03-04 08:25:50 (3 months ago)	/bak/mysql.sql	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-03-04 08:02:13 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 45.86.201.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.86.201.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 04 03:02:08.990649 2026] [security2:error] [pid 4264:tid 4264] [client 45.86.201.59:55827] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|usbea.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "usbea.com"] [uri "/bak/mysql.sql"] [unique_id "aafnAFKSRZj5cmAVdpH1kQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-02-28 14:18:19 (3 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇪🇸 gnom4ik	2026-02-20 21:55:40 (3 months ago)	ban-reviewer auto report; ip=45.86.201.59; scenario=http:scan; verdict=valid_ban; confidence=0.90; c ... show more ban-reviewer auto report; ip=45.86.201.59; scenario=http:scan; verdict=valid_ban; confidence=0.90; categories=14,15,18,22; active_decisions=1; lookback_decisions=1; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for 'http:scan' scenario; Port Scan (14) and Hacking (15) categories are relevant; Brute-Force (18) and SSH (22) categories are in default list; Decision stats show one active decision for IP, indicating potential ongoing threat show less	Port Scan Hacking Brute-Force SSH
🇯🇵 Valhalla	2026-02-19 04:11:59 (3 months ago)	/www.gz	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 12:14:00 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 45.86.201.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.86.201.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 07:13:53.220470 2026] [security2:error] [pid 2171074:tid 2171098] [client 45.86.201.59:33771] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magazineofwallstreet.com"] [uri "/restore/sftp-config.json"] [unique_id "aY8VgfFtgLT0ZLve5x306AAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2026-02-13 11:46:23 (4 months ago)	/restore/website.tar.gz	Hacking Web App Attack
🇺🇸 Penny Packer	2026-02-08 15:51:30 (4 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 mnsf	2026-01-27 15:07:38 (4 months ago)	Too many Status 40X (12)	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-01-04 09:30:51 (5 months ago)	Blocking for trying to access an exploit file: //login.php	Hacking
🇺🇸 TPI-Abuse	2025-12-30 07:24:32 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 45.86.201.59 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.86.201.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 02:24:26.372902 2025] [security2:error] [pid 24387:tid 24387] [client 45.86.201.59:37697] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|secureonebank.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "secureonebank.com"] [uri "/backups/dump.sql"] [unique_id "aVN-KlNUEiL22ehfa2oQcAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 76 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 201.158.125.107

🇵🇾 181.40.109.59

🇨🇳 180.104.188.85

🇸🇬 101.100.194.252

🇹🇼 60.251.50.149

🇰🇷 221.151.65.111

🇺🇸 216.25.89.145

🇬🇧 198.244.168.249

🇺🇦 194.44.148.174

🇨🇴 190.158.28.110

🇪🇸 188.26.215.106

🇬🇧 185.216.145.187

🇳🇱 176.65.148.120

🇨🇳 175.27.171.245

🇨🇳 171.114.229.30

🇵🇱 134.112.56.47

🇻🇳 116.99.169.196

🇮🇷 109.122.240.108

🇸🇬 101.47.159.125

🇸🇦 66.118.162.119