JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.203.158

45.130.203.158 was found in our database!

This IP was reported 346 times. Confidence of Abuse is 76%: ?

76%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.203.158

Whois 45.130.203.158

IP Abuse Reports for 45.130.203.158:

This IP address has been reported a total of 346 times from 122 distinct sources. 45.130.203.158 was first reported on March 25th 2024, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 05:35:24 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 01:35:17.000327 2026] [security2:error] [pid 10101:tid 10101] [client 45.130.203.158:30101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nfc.magodarman.com"] [uri "/.git/HEAD"] [unique_id "ajYmlOtcmmUQEKq46Q2eYwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 COMAITE	2026-06-20 02:17:52 (13 hours ago)	Suspicious URL access.	Web App Attack
🇭🇺 bcsaba	2026-06-19 13:06:50 (1 day ago)	Probing for .env file: 45.130.203.158 - - [19/Jun/2026:15:06:42 +0200] "GET /.env HTTP/1.1" 403 146 ... show more Probing for .env file: 45.130.203.158 - - [19/Jun/2026:15:06:42 +0200] "GET /.env HTTP/1.1" 403 146 "-" "Python-urllib/3.10" show less	Web App Attack
🇩🇪 _ArminS_	2026-06-19 01:14:18 (1 day ago)	WEB-Scan 52553:80 detected 2026.06.19 03:14:18 blocked until 2026.08.07 20:17:05	Port Scan
🇫🇮 as211431.net	2026-06-19 00:08:26 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-18 06:06:45 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 02:06:38.194568 2026] [security2:error] [pid 31989:tid 31989] [client 45.130.203.158:36399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.3dprinting.raynernet.com"] [uri "/.git/HEAD"] [unique_id "ajOK7lGP30RJL24DpwcyXwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 05:43:18 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 01:43:13.065351 2026] [security2:error] [pid 7191:tid 7191] [client 45.130.203.158:39079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starsdontdance.com.sfsdesignsproductions.com"] [uri "/.git/HEAD"] [unique_id "ajOFcfaIXsXtMx34HRYpnAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2026-06-10 17:52:30 (1 week ago)	/wp-admin/css/index.php	Web App Attack
🇫🇷 Octopuce	2026-06-10 12:26:47 (1 week ago)	Aggressive web search of vulnerable pages: /wp-includes/js/tinymce/skins/lightgray/img/about.php /wp ... show more Aggressive web search of vulnerable pages: /wp-includes/js/tinymce/skins/lightgray/img/about.php /wp-includes/js/tinymce/skins/lightgray/img/wp ... show less	Web App Attack
🇺🇸 WellSpring	2026-05-24 10:50:42 (3 weeks ago)	git exposure on thetimeofthereturn.com/.git/HEAD — WellSpr.ing/NetSentinel civic-AI security layer	Web App Attack
🇳🇱 ParaBug	2026-05-23 17:45:44 (3 weeks ago)	45.130.203.158 - - [23/May/2026:19:45:44 +0200] "GET /.git/HEAD HTTP/1.1" 401 3293 "-" "Python-urlli ... show more 45.130.203.158 - - [23/May/2026:19:45:44 +0200] "GET /.git/HEAD HTTP/1.1" 401 3293 "-" "Python-urllib/3.10" ... show less	Phishing Brute-Force Web App Attack
🇫🇷 geot	2026-05-23 15:09:30 (4 weeks ago)	GET /.git/HEAD HTTP/1.1	Hacking Web App Attack
🇺🇸 etu brutus	2026-05-23 13:46:05 (4 weeks ago)	45.130.203.158 has been banned for [WebApp Attack] ...	Hacking Bad Web Bot Web App Attack
🇫🇮 kumiko	2026-05-23 10:52:48 (4 weeks ago)	[2026-05-23 13:52:48] Probing for dotfiles "GET /.git/HEAD HTTP/1.1" 301	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-23 08:34:38 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.158 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 04:34:33.539525 2026] [security2:error] [pid 10841:tid 10841] [client 45.130.203.158:60393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "targetbinario.com"] [uri "/.git/HEAD"] [unique_id "ahFmmbyKqJagWrzVTUbUgQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 346 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.92

🇺🇸 191.102.159.163

🇺🇸 191.102.157.78

🇩🇪 138.68.70.115

🇺🇸 66.132.186.210

🇺🇸 66.132.172.231

🇮🇶 37.236.163.70

🇰🇷 211.105.44.231

🇺🇸 191.102.157.235

🇺🇸 191.102.157.152

🇺🇸 191.102.157.136

🇺🇸 191.102.155.84

🇭🇰 119.237.139.108

🇫🇮 86.114.24.234

🇺🇸 191.102.155.254

🇺🇸 191.102.155.221

🇺🇸 191.102.155.211

🇺🇸 191.102.155.44

🇰🇷 118.37.214.187

🇻🇳 222.255.39.127