JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.202.39

45.130.202.39 was found in our database!

This IP was reported 207 times. Confidence of Abuse is 73%: ?

73%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.202.39

Whois 45.130.202.39

IP Abuse Reports for 45.130.202.39:

This IP address has been reported a total of 207 times from 76 distinct sources. 45.130.202.39 was first reported on March 1st 2023, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-14 07:45:51 (19 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:14:15 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:14:09.297246 2026] [security2:error] [pid 27331:tid 27348] [client 45.130.202.39:44757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.accuball.maxelon.com"] [uri "/.git/HEAD"] [unique_id "ai0RUUxH2XpSzVA_x9vWRgAAAM0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 07:52:51 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 03:52:44.607106 2026] [security2:error] [pid 28250:tid 28250] [client 45.130.202.39:35399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "qa.fluffmoo.org"] [uri "/.git/HEAD"] [unique_id "ai0MTMbSL6ZDZsr0H8RPRwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 07:27:45 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 03:27:42.085183 2026] [security2:error] [pid 3248:tid 3248] [client 45.130.202.39:35925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sprek.net.sprektech.com"] [uri "/.git/HEAD"] [unique_id "ai0GbmLOs4ukMOjD--ACYwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-12 14:33:35 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 Ba-Yu	2026-06-12 05:49:21 (2 days ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:53:03 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:52:57.945738 2026] [security2:error] [pid 10050:tid 10050] [client 45.130.202.39:44801] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.aticom.es"] [uri "/.env.production"] [unique_id "aiuQqQTuky3bAeCqw7DM5wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 14:19:59 (3 days ago)	2026/06/11 14:19:24 [error] 4432#4432: 76056 [client 45.130.202.39] ModSecurity: Access denied with ... show more 2026/06/11 14:19:24 [error] 4432#4432: 76056 [client 45.130.202.39] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/owasp-modsecurity-crs-4.11.0/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "222"] [id "949110"] [rev ""] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [data ""] [severity "0"] [ver "OWASP_CRS/4.27.0"] [maturity "0"] [accuracy "0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "dextraclass.ingeltechgh.com"] [uri "/.env"] [unique_id "178118756421.170604"] [ref ""], client: 45.130.202.39, server: srv.ingeltechgh.com, request: "GET /.env HTTP/1.1", host: "dextraclass.ingeltechgh.com" 2026/06/11 14:19:57 [error] 4403#4403: *76092 [client 45.130.202.39] ModSecurity: Access denied with code 403 (phase 2). Matched "Operator `Ge' with parameter `5' against variable `TX:BLOCKING_INBOUND_ANOMALY_SCORE' (Value: `5' ) [file "/usr/local/o ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 04:11:59 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 00:11:51.745700 2026] [security2:error] [pid 30084:tid 30084] [client 45.130.202.39:42921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.webseographics.smogsandiego.com"] [uri "/.git/HEAD"] [unique_id "aio1h1PfQmp1bVmihKH8vQAAADA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 jkhorvath.com	2026-06-10 20:27:43 (4 days ago)	Request for URL /wp-login.php	Phishing Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-10 14:21:41 (4 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 jcbriar	2026-06-10 09:05:08 (4 days ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 08:02:37 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.130.202.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 04:02:29.608946 2026] [security2:error] [pid 22729:tid 22729] [client 45.130.202.39:20347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jonasrimkunas.com.arsenaultartistmanagement.com"] [uri "/.git/HEAD"] [unique_id "aikaFbZP2BBS1MZUkBGwbgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-09 20:02:16 (5 days ago)	Aggressive web search of vulnerable pages: /wp-content/x/ /wp-includes/assets/ /wp-includes/fonts/ / ... show more Aggressive web search of vulnerable pages: /wp-content/x/ /wp-includes/assets/ /wp-includes/fonts/ /autoload_classmap/ /wp-content/themes/tflow ... show less	Web App Attack
🇦🇺 aranguren.org	2026-06-03 14:56:56 (1 week ago)	45.130.202.39 - - [04/Jun/2026:00:56:53 +1000] "GET /blog/wp-includes/ HTTP/1.1" 404 990 "-" "Mozill ... show more 45.130.202.39 - - [04/Jun/2026:00:56:53 +1000] "GET /blog/wp-includes/ HTTP/1.1" 404 990 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" 45.130.202.39 - - [04/Jun/2026:00:56:53 +1000] "GET /blog/wp-admin/ HTTP/1.1" 404 990 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 45.130.202.39 - - [04/Jun/2026:00:56:54 +1000] "GET /wp-content/themes/twentyfive/ HTTP/1.1" 404 990 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 45.130.202.39 - - [04/Jun/2026:00:56:54 +1000] "GET /wp-includes/blocks/ HTTP/1.1" 404 990 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 45.130.202.39 - - [04/Jun/2026:00:56:55 +1000] "GET /.bod/.ll/ HTTP/1.1" 404 990 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/53 ... show less	Bad Web Bot

Showing 1 to 15 of 207 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 167.126.6.183

🇺🇸 159.223.155.178

🇭🇰 103.210.22.17

🇧🇪 34.140.232.85

🇷🇺 213.59.165.74

🇳🇱 193.176.31.222

🇩🇪 185.242.3.226

🇮🇳 182.76.66.186

🇧🇴 181.115.166.77

🇺🇸 147.185.132.243

🇧🇩 103.213.238.91

🇷🇺 95.220.204.16

🇫🇷 85.217.140.27

🇳🇱 81.19.216.102

🇩🇪 64.89.163.179

🇹🇼 61.220.235.10

🇸🇬 47.128.60.41

🇲🇽 45.232.253.226

🇬🇧 45.82.76.123

🇭🇰 43.99.117.166