JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.202.49

45.130.202.49 was found in our database!

This IP was reported 272 times. Confidence of Abuse is 49%: ?

49%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.202.49

Whois 45.130.202.49

IP Abuse Reports for 45.130.202.49:

This IP address has been reported a total of 272 times from 73 distinct sources. 45.130.202.49 was first reported on December 4th 2022, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Penny Packer	2025-06-29 19:52:27 (11 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇲🇾 Rizzy	2025-06-22 12:56:19 (11 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2025-06-21 19:25:13 (11 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-06-12 06:35:13 (11 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-06-09 07:19:19 (11 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-06-03 13:02:11 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-06-01 05:19:01 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 45.130.202.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.130.202.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 01:18:57.918601 2025] [security2:error] [pid 3148626:tid 3148626] [client 45.130.202.49:21883] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|qualityelevatorcabs.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "qualityelevatorcabs.com"] [uri "/wallet.dat"] [unique_id "aDviwYVN46mm4Z4_WC61ogAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2025-04-27 07:03:35 (1 year ago)	Fail2Ban apache-tripwires	Web App Attack
🇯🇵 Valhalla	2025-04-26 06:20:02 (1 year ago)	/old/bak.gz	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-04-22 14:44:26 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 45.130.202.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.130.202.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 22 10:44:23.542140 2025] [security2:error] [pid 12186:tid 12186] [client 45.130.202.49:64867] [client 45.130.202.49] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|cvgandhes.investments\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cvgandhes.investments"] [uri "/restore/sql.sql"] [unique_id "aAerR99-gAJyROVehKzNAAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 19:25:56 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 45.130.202.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.130.202.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 19 15:25:53.201192 2025] [security2:error] [pid 16432:tid 16432] [client 45.130.202.49:28821] [client 45.130.202.49] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thegolfhole.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thegolfhole.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aAP4wWRhKChOsBTCQSkh9wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oncord	2025-03-26 03:23:44 (1 year ago)	Form spam	Web Spam
🇫🇷 dynamix	2025-03-15 14:58:24 (1 year ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2025-03-14 17:47:53 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 45.130.202.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.130.202.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 14 13:47:46.813481 2025] [security2:error] [pid 150514:tid 150514] [client 45.130.202.49:18571] [client 45.130.202.49] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|olimpiacerda.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "olimpiacerda.com"] [uri "/backups/sql.sql"] [unique_id "Z9Rrwryw0iSt3yqXc7_j-gAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ecodehost.com	2025-03-14 14:22:01 (1 year ago)	Domain : 3dteknoloji.com.tr Rule : pluginsphp 2025-03-14 14:21:08 10.100.1.20 GET /wp-content/plugin ... show more Domain : 3dteknoloji.com.tr Rule : pluginsphp 2025-03-14 14:21:08 10.100.1.20 GET /wp-content/plugins/core-plugin/include.php - 443 - 45.130.202.49 HTTP/2 Go-http-client/2.0 - 3dteknoloji.com.tr 404 0 0 1894 161 1246 - - show less	Web App Attack

Showing 121 to 135 of 272 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 212.132.127.66

🇧🇷 191.5.201.248

🇲🇰 188.44.20.34

🇰🇷 175.200.217.128

🇭🇰 152.32.192.176

🇹🇼 111.70.43.168

🇮🇳 103.251.143.14

🇩🇪 102.220.160.137

🇸🇬 47.128.50.16

🇨🇴 38.224.57.67

🇨🇳 14.103.127.82

🇸🇬 2404:6800:4003:c03::12e

🇩🇪 213.209.159.56

🇺🇸 193.239.237.77

🇫🇷 193.31.57.187

🇺🇿 188.113.228.32

🇺🇸 173.254.234.162

🇺🇸 167.172.133.85

🇺🇸 162.144.232.227

🇳🇱 104.23.166.187