JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.202.25

45.130.202.25 was found in our database!

This IP was reported 222 times. Confidence of Abuse is 81%: ?

81%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.202.25

Whois 45.130.202.25

IP Abuse Reports for 45.130.202.25:

This IP address has been reported a total of 222 times from 76 distinct sources. 45.130.202.25 was first reported on November 26th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TAY	2026-06-14 17:04:46 (1 day ago)	45.130.202.25 - - [15/Jun/2026:01:03:21 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5874 "-" "WordPress.c ... show more 45.130.202.25 - - [15/Jun/2026:01:03:21 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5874 "-" "WordPress.com; https://wordpress.com" 45.130.202.25 - - [15/Jun/2026:01:04:03 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5874 "-" "Jetpack/12.5; WordPress/6.1; http://site43630363.com" 45.130.202.25 - - [15/Jun/2026:01:04:46 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5874 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)" ... show less	Brute-Force
Anonymous	2026-06-14 09:54:24 (2 days ago)	45.130.202.25 - - [14/Jun/2026:11:53:59 +0200] "GET /wp-admin/css/colors/ HTTP/1.1" 404 498 "-" "Moz ... show more 45.130.202.25 - - [14/Jun/2026:11:53:59 +0200] "GET /wp-admin/css/colors/ HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 45.130.202.25 - - [14/Jun/2026:11:54:00 +0200] "GET /wp-content/themes/seotheme/ HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 45.130.202.25 - - [14/Jun/2026:11:54:00 +0200] "GET /wp-includes/images/ HTTP/1.1" 404 498 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 45.130.202.25 - - [14/Jun/2026:11:54:00 +0200] "GET /wp-content/plugins/ioxi/ HTTP/1.1" 404 498 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 45.130.202.25 - - [14/Jun/2026:11:54:01 +0200] "GET /blog/wp-content/ HTTP/1.1" 404 498 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Saf ... show less	DDoS Attack
🇫🇷 dynamix	2026-06-14 07:47:16 (2 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:17:19 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:17:11.559419 2026] [security2:error] [pid 27331:tid 27346] [client 45.130.202.25:45631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oswgr.com.wwwhst.com"] [uri "/.git/HEAD"] [unique_id "ai0SB0xH2XpSzVA_x9vYqQAAAMs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 02:46:30 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 22:46:25.365682 2026] [security2:error] [pid 28493:tid 28493] [client 45.130.202.25:65231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nafsi-paris.mtalame.com"] [uri "/.git/HEAD"] [unique_id "aizEgfsvCq8Gm-eJpA9ORwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 22:05:41 (3 days ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=13	Hacking
🇺🇸 TPI-Abuse	2026-06-12 18:48:26 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 14:48:18.722337 2026] [security2:error] [pid 28674:tid 28674] [client 45.130.202.25:40211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bigislandhawaiirealestate.com.kh6jim.com"] [uri "/.env"] [unique_id "aixUcpjVZy_6ZqCuISN3GQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-12 13:07:28 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 09:52:47 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 05:52:40.171631 2026] [security2:error] [pid 3367:tid 3367] [client 45.130.202.25:61415] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.beercruisers.glassicannex.org"] [uri "/.git/HEAD"] [unique_id "aivW6Od6B2jzPSr5ed1c0gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 08:53:41 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 04:53:36.959461 2026] [security2:error] [pid 30575:tid 30575] [client 45.130.202.25:26593] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rgnexcore.com.elpaco.net"] [uri "/.git/HEAD"] [unique_id "aivJEHb-2FLNzPUa_8xTGAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-12 05:06:25 (4 days ago)	Aggressive web search of vulnerable pages: /update/ /wp-content/ /wp-admin/maint/ /themes/zMousse/ / ... show more Aggressive web search of vulnerable pages: /update/ /wp-content/ /wp-admin/maint/ /themes/zMousse/ /wp-content/plugins/ubh/ /wp-admin/images/ / ... show less	Web App Attack
🇩🇪 YF	2026-06-12 05:00:18 (4 days ago)	Git HEAD exposure probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:52:41 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:52:32.540422 2026] [security2:error] [pid 10050:tid 10050] [client 45.130.202.25:23619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aimer.es.aticom.es"] [uri "/.env.production"] [unique_id "aiuQkATuky3bAeCqw7DM4gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-12 00:52:16 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 22:54:35 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:54:32.681535 2026] [security2:error] [pid 3026:tid 3056] [client 45.130.202.25:29121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nativeamericantimeline.philacentric.com"] [uri "/.git/HEAD"] [unique_id "ais8qEs6UzjtFmJ1AMkCHAAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 222 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 144.79.241.10

🇮🇷 5.237.80.255

🇨🇳 221.239.36.42

🇸🇬 206.189.81.2

🇵🇱 172.64.198.29

🇹🇼 165.154.243.94

🇺🇸 159.223.196.179

🇯🇵 152.32.146.182

🇮🇩 125.166.0.10

🇨🇦 38.108.83.2

🇩🇪 31.57.37.238

🇧🇴 200.58.83.79

🇹🇭 159.192.132.36

🇺🇸 137.184.47.94

🇮🇳 103.216.145.2

🇺🇬 102.86.3.231

🇹🇭 83.118.107.46

🇺🇸 66.132.172.224

🇺🇸 43.130.76.217

🇨🇳 8.138.230.159