JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.130.145.225

213.130.145.225 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 94%: ?

94%

ISP	GCI Network Solutions Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	nasstar.com
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.130.145.225

Whois 213.130.145.225

IP Abuse Reports for 213.130.145.225:

This IP address has been reported a total of 32 times from 24 distinct sources. 213.130.145.225 was first reported on June 7th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-08 10:43:14 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇮🇩 Burayot	2026-06-08 06:38:32 (2 weeks ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 213.130.145.225 (FR/France/-): 2 in ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 213.130.145.225 (FR/France/-): 2 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:04:46 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:04:38.823242 2026] [security2:error] [pid 3825:tid 3825] [client 213.130.145.225:51326] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "benshermanguitar.com"] [uri "/dev/.env"] [unique_id "aiZbdsP5BEHUxAKz3Kqi4gAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 04:56:31 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 00:56:23.262196 2026] [security2:error] [pid 10948:tid 10958] [client 213.130.145.225:42036] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slicebible.org"] [uri "/dev/.env"] [unique_id "aiZLd5OpamBTYxS72hYmeQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Matthew Ping	2026-06-08 04:00:04 (2 weeks ago)	ModSecurity rule 949110 triggered on dedicated4785. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-08 03:08:25 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:08:18.467169 2026] [security2:error] [pid 21313:tid 21313] [client 213.130.145.225:21792] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elisalouis.org"] [uri "/api/.env.save"] [unique_id "aiYyIhHIeXXK9SabAmOVCgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 02:38:30 (2 weeks ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇲🇾 Rizzy	2026-06-08 00:57:13 (2 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 00:32:53 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 20:32:45.974996 2026] [security2:error] [pid 25613:tid 25613] [client 213.130.145.225:30272] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darnorb.com"] [uri "/api/.env.save"] [unique_id "aiYNrQYjma3GmhCDwJyu_gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-06-07 23:20:15 (2 weeks ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-07 23:09:05 (2 weeks ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 22:09:54 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 18:09:50.932368 2026] [security2:error] [pid 17606:tid 17606] [client 213.130.145.225:36054] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arnoldwell.com"] [uri "/core/.env"] [unique_id "aiXsLgS5ZfhMJJCZibkbSAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 21:35:02 (2 weeks ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 21:09:38 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 213.130.145.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 17:09:34.555789 2026] [security2:error] [pid 18884:tid 18884] [client 213.130.145.225:25336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "moleculardetective.org"] [uri "/dev/.env"] [unique_id "aiXeDtwx1P0_JiBdP1_UTgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-07 21:03:59 (2 weeks ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 202.76.173.97

🇸🇬 159.89.203.164

🇺🇸 146.190.154.100

🇺🇸 137.184.122.216

🇨🇳 106.124.147.169

🇺🇸 91.230.168.6

🇭🇰 47.79.79.158

🇬🇧 193.163.125.86

🇧🇷 179.184.241.69

🇺🇸 167.172.119.81

🇩🇪 164.92.198.75

🇺🇸 157.245.141.140

🇮🇳 122.185.65.146

🇸🇬 118.194.234.189

🇵🇭 112.209.181.210

🇮🇳 103.101.26.138

🇫🇷 85.217.140.20

🇷🇴 80.94.92.182

🇻🇳 27.3.233.244

🇨🇳 14.103.115.143