JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.203.154

45.130.203.154 was found in our database!

This IP was reported 340 times. Confidence of Abuse is 59%: ?

59%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.203.154

Whois 45.130.203.154

IP Abuse Reports for 45.130.203.154:

This IP address has been reported a total of 340 times from 124 distinct sources. 45.130.203.154 was first reported on February 3rd 2023, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 sms.ru	2026-06-10 17:54:35 (5 days ago)	/wp-admin/images/archive.php	Web App Attack
🇫🇷 Octopuce	2026-06-10 12:26:15 (6 days ago)	Aggressive web search of vulnerable pages: /wp.php /wp-admin/css/colors/blue/wp-trackback.php /wp-co ... show more Aggressive web search of vulnerable pages: /wp.php /wp-admin/css/colors/blue/wp-trackback.php /wp-content/themes/chosen.php /wp-header.php /wp- ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 15:59:42 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 11:59:35.972012 2026] [security2:error] [pid 14534:tid 14534] [client 45.130.203.154:35893] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.chooseyourowntrail.com.robertmcatee.com"] [uri "/.git/HEAD"] [unique_id "aibm5_za4oYOdIYZ0LufggAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 myintarweb	2026-06-07 00:36:39 (1 week ago)	45.130.203.154 - - [07/Jun/2026:01:36:36 +0100] 80 "GET /.git/HEAD HTTP/1.1" 410 1525 "-" "Python-ur ... show more 45.130.203.154 - - [07/Jun/2026:01:36:36 +0100] 80 "GET /.git/HEAD HTTP/1.1" 410 1525 "-" "Python-urllib/3.10" ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-24 11:31:48 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 07:31:41.511043 2026] [security2:error] [pid 11065:tid 11065] [client 45.130.203.154:39833] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title50.com"] [uri "/.git/HEAD"] [unique_id "ahLhnbW_ddvjsLZDkjHsVQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 as211431.net	2026-05-24 06:44:09 (3 weeks ago)	Triggered Cloudflare WAF (bic) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint ... show more Triggered Cloudflare WAF (bic) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.git/HEAD UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-23 11:34:00 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 07:33:52.559703 2026] [security2:error] [pid 6176:tid 6176] [client 45.130.203.154:24711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "celltechs.net"] [uri "/.git/HEAD"] [unique_id "ahGQoKNAJdb-RE1Cgz1APwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 paulshipley.com.au	2026-05-23 05:40:08 (3 weeks ago)	[Sat May 23 15:40:06.801665 2026] [security2:error] [pid 883348] [client 45.130.203.154:59373] [clie ... show more [Sat May 23 15:40:06.801665 2026] [security2:error] [pid 883348] [client 45.130.203.154:59373] [client 45.130.203.154] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "mareeshefford.com"] [uri "/.git/HEAD"] [unique_id "ahE9tij5hfXyY4xt_NI8QwAAAAQ"] ... show less	Web App Attack
🇫🇷 masterguru	2026-05-23 04:04:32 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.130.203.154 (EG/Egypt/-): 1 in the ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.130.203.154 (EG/Egypt/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇦🇺 OneLuca	2026-05-23 03:46:54 (3 weeks ago)	performed GET request to /.git/HEAD, probing for exposed or leaked files	Web App Attack
🇫🇷 pm33	2026-05-23 02:02:12 (3 weeks ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇧🇪 boxed-it	2026-05-23 01:54:34 (3 weeks ago)	GET /.git/HEAD (Tarpitted for 19m44s, wasted 69.49kB)	Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 00:02:12 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 20:02:06.127296 2026] [security2:error] [pid 8188:tid 8188] [client 45.130.203.154:30081] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ctrussell.grabnerconsulting.com"] [uri "/.git/HEAD"] [unique_id "ahDuftvZobXpcVV7q-Z9MAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 11:50:29 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 07:50:25.203717 2026] [security2:error] [pid 16595:tid 16595] [client 45.130.203.154:55019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rooksfamily.com"] [uri "/.git/HEAD"] [unique_id "ahBDASoJX56wJ0pIxDAWcAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 01:42:24 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 21:42:19.705386 2026] [security2:error] [pid 9158:tid 9158] [client 45.130.203.154:54397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pizzadata.com"] [uri "/.git/HEAD"] [unique_id "ag-0exCjWRCAfd-AwsTB_gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 340 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 171.251.234.23

🇨🇳 111.160.161.26

🇺🇸 209.250.5.209

🇨🇦 199.167.138.45

🇮🇳 136.232.11.10

🇺🇸 136.0.109.60

🇻🇳 118.70.182.193

🇻🇳 103.241.43.193

🇺🇸 50.187.155.130

🇳🇱 45.148.10.141

🇦🇺 40.82.214.8

🇺🇸 38.34.175.219

🇹🇷 31.145.131.202

🇬🇧 5.226.140.112

🇸🇴 197.220.72.99

🇧🇷 191.36.152.28

🇮🇳 182.95.49.166

🇻🇳 113.177.27.200

🇺🇦 82.29.225.158

🇺🇸 74.125.181.158