JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.129.56.196

45.129.56.196 was found in our database!

This IP was reported 58 times. Confidence of Abuse is 33%: ?

33%

ISP	31173 Services AB infrastructure in Copenhagen, DK.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS39351
Domain Name	31173.se
Country	🇩🇰 Denmark
City	Ballerup, Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.129.56.196

Whois 45.129.56.196

IP Abuse Reports for 45.129.56.196:

This IP address has been reported a total of 58 times from 37 distinct sources. 45.129.56.196 was first reported on February 15th 2023, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇪 KIDOS	2026-06-21 09:06:18 (5 days ago)	KASM auto: exploit_/.env.old	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-21 08:43:21 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 45.129.56.196 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.129.56.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 04:43:02.226137 2026] [security2:error] [pid 6208:tid 6208] [client 45.129.56.196:47632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.11"] [uri "/.git/HEAD"] [unique_id "ajekFgbrqWrEnWLRatN-fgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 00:51:43 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 45.129.56.196 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.129.56.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 20:51:29.238193 2026] [security2:error] [pid 21243:tid 21243] [client 45.129.56.196:44948] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.36"] [uri "/https://192.64.150.36/.git/config"] [unique_id "ajc1kd-yCLASEVCMUpsviQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 20:16:47 (1 week ago)	2026-06-12 20:16:47 warning[4215088]: host unknown[45.129.56.196]: unauthorized access att ... show more 2026-06-12 20:16:47 warning[4215088]: host unknown[45.129.56.196]: unauthorized access attempted: tcp/9010 show less	Port Scan Brute-Force
🇺🇸 rdpguard.com	2026-06-02 17:00:53 (3 weeks ago)	RdpGuard detected brute-force attempt on ASP.NET Web Forms	Brute-Force
🇷🇺 Agrohim	2026-05-28 00:10:14 (4 weeks ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇺🇸 bigscoots.com	2026-05-26 09:39:30 (1 month ago)	45.129.56.196 (DK/Denmark/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Po ... show more 45.129.56.196 (DK/Denmark/-), 5 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: 1; Trigger: LF_DISTATTACK; Logs: May 26 04:35:58 13374 sshd[5552]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.156.59 user=root May 26 04:39:21 13374 sshd[6015]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.129.56.196 user=root May 26 04:25:36 13374 sshd[4434]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.103.53.246 user=root May 26 04:35:15 13374 sshd[5540]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=119.96.156.59 user=root May 26 04:35:18 13374 sshd[5540]: Failed password for root from 119.96.156.59 port 59788 ssh2 IP Addresses Blocked: 119.96.156.59 (CN/China/-) show less	Brute-Force SSH
🇨🇭 backslash	2026-05-18 00:21:08 (1 month ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇨🇭 4server	2026-04-07 18:07:44 (2 months ago)	[TueApr0720:07:41.2778452026][security2:error][pid1441464:tid1441485][client45.129.56.196:0]ModSecur ... show more [TueApr0720:07:41.2778452026][security2:error][pid1441464:tid1441485][client45.129.56.196:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(filemanager\\|wp-file-manager\\|elfinder\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"276\"][id\"980500\"][msg\"WordPressfilemanagerexploitattempt\"][hostname\"edelhaut.ch\"][uri\"/wp-admin/plugins.php\"][unique_id\"adVH7aUtrItYJaJlbhM1NAAAANI\"] show less	Hacking Web App Attack
🇨🇳 pengpeng	2026-03-23 20:28:13 (3 months ago)	monitor: on VM-0-7-ubuntu \| port: 47927 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 47927 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-03-08 05:20:16 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-03-04 23:45:07 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-03-01 23:40:08 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-02-26 23:35:17 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2026-02-23 23:30:08 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking

Showing 1 to 15 of 58 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 158.160.71.190

🇭🇰 101.36.124.220

🇧🇷 2803:9810:4b45:7e10:8580:9cc8:d1da:b3f7

🇭🇰 219.77.189.168

🇪🇬 213.131.76.71

🇭🇺 193.68.57.43

🇨🇳 171.222.251.172

🇺🇸 166.1.60.230

🇫🇮 147.185.133.130

🇩🇪 130.12.180.77

🇺🇸 100.53.32.161

🇳🇱 91.199.163.63

🇩🇪 69.5.169.219

🇺🇸 44.100.208.153

🇸🇪 9.223.176.221

🇬🇧 217.146.80.109

🇺🇸 205.210.31.58

🇩🇪 165.227.159.13

🇺🇸 165.154.206.204

🇧🇩 58.147.171.11