JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.202.18

45.130.202.18 was found in our database!

This IP was reported 223 times. Confidence of Abuse is 84%: ?

84%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.202.18

Whois 45.130.202.18

IP Abuse Reports for 45.130.202.18:

This IP address has been reported a total of 223 times from 92 distinct sources. 45.130.202.18 was first reported on November 25th 2022, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 21:07:46 (10 hours ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 17:07:39.819728 2026] [security2:error] [pid 31816:tid 31867] [client 45.130.202.18:56651] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "afghanistantraveller.com.adetnw.com"] [uri "/.env"] [unique_id "ai3Gm5RZE5denwmHnykAZAAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 19:45:54 (11 hours ago)	45.130.202.18 - - [13/Jun/2026:21:43:48 +0200] "GET /wp-content/ALFA_DATA/alfacgiapi/bypass.php HTTP ... show more 45.130.202.18 - - [13/Jun/2026:21:43:48 +0200] "GET /wp-content/ALFA_DATA/alfacgiapi/bypass.php HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 45.130.202.18 - - [13/Jun/2026:21:43:49 +0200] "GET /wp-admin/maint/about.php HTTP/1.1" 404 493 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.130.202.18 - - [13/Jun/2026:21:43:50 +0200] "GET /wp-admin/js/about.php HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 45.130.202.18 - - [13/Jun/2026:21:43:50 +0200] "GET /wp-content/uploads/2023/05/404.php HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" 45.130.202.18 - - [13/Jun/2026:21:43:50 +0200] "GET /wp-admin/maint/maint.php HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 45.130.2 ... show less	DDoS Attack
🇺🇸 TPI-Abuse	2026-06-13 15:09:38 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:09:31.570495 2026] [security2:error] [pid 8358:tid 8358] [client 45.130.202.18:28607] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.versahealthcare.versacardio.com"] [uri "/.env"] [unique_id "ai1yq7tqTKGK2R7hHJk4YQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 09:37:45 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 05:37:35.932294 2026] [security2:error] [pid 24307:tid 24307] [client 45.130.202.18:25055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ixd.deubellzebub.com"] [uri "/.git/HEAD"] [unique_id "ai0k35pNMDd1Pz_bR5TpLQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:15:18 (22 hours ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:15:03.022345 2026] [security2:error] [pid 24650:tid 24650] [client 45.130.202.18:52469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frontend.keaborner.com"] [uri "/.git/HEAD"] [unique_id "ai0Rh8Htzk_HZ4PL6g61EQAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 02:58:49 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 22:58:43.557848 2026] [security2:error] [pid 6691:tid 6691] [client 45.130.202.18:29767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.focusedinnertraining.starrmail.net"] [uri "/.git/HEAD"] [unique_id "aizHY33wKU_3tmQOt-Y4XwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 23:05:40 (1 day ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=25	Hacking
🇳🇿 Tripwire	2026-06-12 22:28:30 (1 day ago)	Scanning for exploits - /storage/framework/views/shell.php	Web App Attack
🇬🇧 consul.to	2026-06-12 13:08:45 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-06-12 10:42:09 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-12 04:52:39 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:52:33.842501 2026] [security2:error] [pid 1860:tid 1860] [client 45.130.202.18:23223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aticom.net.aticom.es"] [uri "/.env"] [unique_id "aiuQkYHtNZGTMUt1DOQLgAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 14:20:11 (2 days ago)	2026/06/11 14:19:12 [error] 4391#4391: 76025 [client 45.130.202.18] ModSecurity: Access denied with ... show more 2026/06/11 14:19:12 [error] 4391#4391: 76025 [client 45.130.202.18] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modsecurity-crs-4.11.0/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "222"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "0"] [ver "OWASP_CRS/4.27.0"] [maturity "0"] [accuracy "0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "afrocentric-lms-api.ingeltechgh.com"] [uri "/.env"] [unique_id "178118755225.883552"] [ref ""], client: 45.130.202.18, server: srv.ingeltechgh.com, request: "GET /.env HTTP/1.1", host: "afrocentric-lms-api.ingeltechgh.com" 2026/06/11 14:19:12 [error] 4391#4391: *76027 [client 45.130.202.18] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [fi ... show less	Brute-Force
🇫🇷 Octopuce	2026-06-10 16:44:35 (3 days ago)	Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.p ... show more Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.php /about.php /admin.php /mah.php /.wp/wso. ... show less	Web App Attack
🇺🇸 rdpguard.com	2026-06-10 14:30:52 (3 days ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 jcbriar	2026-06-10 09:05:09 (3 days ago)	Searching for vulnerable scripts	Hacking Web App Attack

Showing 1 to 15 of 223 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 160.251.185.39

🇸🇬 159.65.143.17

🇨🇳 123.160.223.72

🇨🇳 119.98.79.125

🇫🇷 85.217.140.37

🇮🇳 52.172.177.191

🇩🇪 34.179.238.184

🇦🇷 200.89.159.59

🇬🇭 197.251.249.81

🇭🇰 182.16.91.194

🇺🇸 172.239.62.109

🇺🇸 159.203.76.216

🇦🇷 152.170.181.72

🇺🇸 135.237.126.76

🇨🇳 123.144.27.76

🇹🇭 118.194.251.37

🇸🇬 118.26.111.107

🇨🇳 106.12.83.168

🇻🇳 103.241.43.193

🇫🇷 85.217.140.40