JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.129.56.147

45.129.56.147 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 67%: ?

67%

ISP	31173 Services AB infrastructure in Copenhagen, DK.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS39351
Domain Name	31173.se
Country	🇩🇰 Denmark
City	Ballerup, Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.129.56.147

Whois 45.129.56.147

IP Abuse Reports for 45.129.56.147:

This IP address has been reported a total of 70 times from 25 distinct sources. 45.129.56.147 was first reported on January 8th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-21 12:28:07 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 08:28:01.939382 2026] [security2:error] [pid 30591:tid 30591] [client 45.129.56.147:57735] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.129.56.147 (+1 hits since last alert)\|camasmarket.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "camasmarket.com"] [uri "/xmlrpc.php"] [unique_id "ajfY0Q8HY4al4fYM74I4wQAAADA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-21 11:55:35 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 matthieul.dev	2026-06-21 11:25:31 (1 day ago)	Blocked by os-abuseipdb; 9 hits, proto=tcp,udp, ports=16496	Port Scan Brute-Force
🇫🇮 bittiguru.fi	2026-06-21 00:22:15 (1 day ago)	45.129.56.147 - [21/Jun/2026:03:22:05 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "WordPress.co ... show more 45.129.56.147 - [21/Jun/2026:03:22:05 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "WordPress.com; https://wordpress.com" "-" 45.129.56.147 - [21/Jun/2026:03:22:15 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18050 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" "-" ... show less	Hacking Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2026-06-21 00:06:58 (1 day ago)	45.129.56.147 - [21/Jun/2026:03:06:49 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack by W ... show more 45.129.56.147 - [21/Jun/2026:03:06:49 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" "-" 45.129.56.147 - [21/Jun/2026:03:06:58 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18050 "-" "Jetpack by WordPress.com" "-" ... show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 22:40:05 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 18:39:55.618609 2026] [security2:error] [pid 16753:tid 16753] [client 45.129.56.147:64153] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.129.56.147 (+1 hits since last alert)\|jesussotoca.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jesussotoca.com"] [uri "/xmlrpc.php"] [unique_id "ajcWuxROhSKUASnetxrWvwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 21:38:10 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:38:06.206832 2026] [security2:error] [pid 9190:tid 9190] [client 45.129.56.147:64282] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.129.56.147 (+1 hits since last alert)\|zoesaadeh.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "zoesaadeh.com"] [uri "/xmlrpc.php"] [unique_id "ajcIPqVnND8ZV5LGqY1LBAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 18:33:19 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 14:33:14.366434 2026] [security2:error] [pid 15081:tid 15081] [client 45.129.56.147:64427] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.129.56.147 (+1 hits since last alert)\|odinathletes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "odinathletes.com"] [uri "/xmlrpc.php"] [unique_id "ajbc6njGd2bfpQOWP9cjJgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 15:58:42 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 11:58:35.187672 2026] [security2:error] [pid 6953:tid 6956] [client 45.129.56.147:50887] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.129.56.147 (+1 hits since last alert)\|kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kettlehill.com"] [uri "/xmlrpc.php"] [unique_id "aja4q7QR7zEeMiAiLYlggAAAAMA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Steve	2026-06-20 11:51:55 (2 days ago)	Abuse of XMLRPC	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 08:49:10 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:49:05.719315 2026] [security2:error] [pid 27139:tid 27139] [client 45.129.56.147:63976] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.129.56.147 (+1 hits since last alert)\|pcga.golf\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pcga.golf"] [uri "/xmlrpc.php"] [unique_id "ajZUASZ2PJs3DuqpR0IyzwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-06-20 04:55:08 (2 days ago)		Web App Attack
🇫🇷 masterguru	2026-06-20 03:08:42 (2 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇩🇪 pscriptos	2026-06-19 22:53:00 (3 days ago)	{"ClientAddr":"45.129.56.147:50327","ClientHost":"45.129.56.147","ClientPort":"50327","ClientUsernam ... show more {"ClientAddr":"45.129.56.147:50327","ClientHost":"45.129.56.147","ClientPort":"50327","ClientUsername":"-","DownstreamContentSize":418,"DownstreamStatus":403,"Duration":156809316,"OriginContentSize":418,"OriginDuration":152428342,"OriginStatus":403,"Overhead":4380974,"RequestAddr":"www.cleveradmin.de","RequestContentSize":709,"RequestCount":692189,"RequestHost":"www.cleveradmin.de","RequestMethod":"POST","RequestPath":"/xmlrpc.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"RouterName":"cleveradmin-www-websecure@file","ServiceAddr":"172.16.80.10:80","ServiceName":"cleveradmin-www@file","ServiceURL":"http://172.16.80.10:80","StartLocal":"2026-06-20T00:52:38.832238048+02:00","StartUTC":"2026-06-19T22:52:38.832238048Z","TLSCipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLSVersion":"1.2","entryPointName":"websecure","level":"info","msg":"","time":"2026-06-20T00:52:38+02:00"} {"ClientAddr":"45.129.56.147:50327","ClientHost":"45.129.56.147","C ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 21:21:58 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 45.129.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 17:21:54.235025 2026] [security2:error] [pid 13517:tid 13517] [client 45.129.56.147:52175] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.129.56.147 (+1 hits since last alert)\|yogawithbubba.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yogawithbubba.com"] [uri "/xmlrpc.php"] [unique_id "ajWy8n4HszLQvJhgu3KK-AAAABM"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 191.241.142.170

🇨🇳 123.181.152.207

🇧🇷 205.210.31.198

🇧🇷 200.217.54.130

🇺🇸 173.25.42.30

🇹🇭 165.154.51.90

🇵🇭 124.107.185.138

🇯🇵 101.36.104.242

🇱🇻 81.30.98.158

🇷🇺 46.183.130.145

🇳🇱 45.148.10.141

🇲🇦 41.92.123.231

🇺🇸 38.127.88.130

🇧🇷 200.203.143.154

🇷🇺 178.177.40.29

🇿🇦 102.64.45.127

🇳🇱 91.92.40.231

🇵🇱 89.67.39.124

🇫🇷 85.217.140.29

🇲🇩 85.120.81.241