JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.202.96

45.130.202.96 was found in our database!

This IP was reported 256 times. Confidence of Abuse is 68%: ?

68%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.202.96

Whois 45.130.202.96

IP Abuse Reports for 45.130.202.96:

This IP address has been reported a total of 256 times from 81 distinct sources. 45.130.202.96 was first reported on December 22nd 2022, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Octopuce	2026-06-07 06:36:43 (11 hours ago)	Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.p ... show more Aggressive web search of vulnerable pages: /bless.php /O-Simple.php /lock360.php /zwso.php /chosen.php /about.php /admin.php /mah.php /.wp/wso. ... show less	Web App Attack
🇩🇪 Ba-Yu	2026-06-07 05:26:44 (12 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 dynamix	2026-06-07 01:39:47 (16 hours ago)	Multiple WAF Violations	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-06 22:00:32 (19 hours ago)	Auto-ban: >3000 req/min op 2026-06-06	Web App Attack SSH Hacking
🇷🇺 sms.ru	2026-06-06 19:41:29 (22 hours ago)	/wp-admin/css/colors/modern/colors.css.php	Web App Attack
🇩🇪 iNetWorker	2026-06-06 01:27:50 (1 day ago)	trolling for resource vulnerabilities	Web App Attack
Anonymous	2026-06-05 19:30:58 (1 day ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2026-05-17 04:50:31 (3 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-14 22:06:08 (3 weeks ago)	(mod_security) mod_security (id:949110) triggered by 45.130.202.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:949110) triggered by 45.130.202.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 18:06:04.699177 2026] [security2:error] [pid 23689:tid 23689] [client 45.130.202.96:42287] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "jrwoodsrentals.com"] [uri "/"] [unique_id "agZHTAu4K0YnmJCJTV2RZgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-11 01:28:22 (3 weeks ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-196) show less	Bad Web Bot
🇬🇧 consul.to	2026-05-11 01:26:35 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-05-10 23:05:58 (3 weeks ago)	45.130.202.96 - - [11/May/2026:01:05:56 +0200] "GET /wp-includes/ID3/wp-themes.php HTTP/1.1" 404 124 ... show more 45.130.202.96 - - [11/May/2026:01:05:56 +0200] "GET /wp-includes/ID3/wp-themes.php HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 45.130.202.96 - - [11/May/2026:01:05:57 +0200] "GET /wp-includes/Requests/src/Exception/Transport/ HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 45.130.202.96 - - [11/May/2026:01:05:57 +0200] "GET /wp-includes/Requests/src/Response/ HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 45.130.202.96 - - [11/May/2026:01:05:57 +0200] "GET /wp-includes/block-supports/wp-sing.php HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 45.130.202.96 - - [11/May/2026:01:05:57 +0200] "GET /wp-includes/blocks/button/ HTTP/1.1" 404 124 "-" "Go-http-client/1.1" ... show less	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-05-04 23:52:20 (1 month ago)	Excessive multi-domain requests	Brute-Force
🇬🇧 consul.to	2026-04-30 03:10:32 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 00:25:03 (1 month ago)	(mod_security) mod_security (id:222160) triggered by 45.130.202.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:222160) triggered by 45.130.202.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 20:24:56.456565 2026] [security2:error] [pid 11994:tid 11994] [client 45.130.202.96:26777] ModSecurity: Access denied with code 403 (phase 1). String match "wp-content/plugins/wp-easycart/inc/admin/phpinfo.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6347"] [id "222160"] [rev "1"] [msg "COMODO WAF: Information disclosure vulnerability in The EasyCart plugin before 2.0.6 for WordPress (CVE-2014-4942)\|\|spiritcountry.cc\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "spiritcountry.cc"] [uri "/wp-content/plugins/wp-easycart/inc/admin/phpinfo.php"] [unique_id "ae_-WC4ZfO92IKUNAXb9XAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 256 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 163.7.3.154

🇺🇸 103.144.28.85

🇻🇳 103.82.195.145

🇷🇺 46.163.144.31

🇬🇧 31.14.254.120

🇷🇴 2.57.121.112

🇪🇸 2a05:d011:d07:5800:4ba2:ab2a:4b8c:a58d

🇺🇸 2600:1f18:3120:f500:3698:551b:b7c6:4a6b

🇹🇷 188.3.78.73

🇰🇷 122.35.192.61

🇸🇬 101.47.21.191

🇷🇴 92.118.39.97

🇨🇭 85.5.148.125

🇺🇸 2620:171:e1:f0::8

🇬🇧 194.50.235.139

🇺🇸 174.35.25.178

🇸🇬 156.245.144.121

🇺🇸 136.107.230.47

🇸🇬 114.119.153.247

🇩🇰 85.203.47.32