JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.203.163

45.130.203.163 was found in our database!

This IP was reported 365 times. Confidence of Abuse is 66%: ?

66%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.203.163

Whois 45.130.203.163

IP Abuse Reports for 45.130.203.163:

This IP address has been reported a total of 365 times from 115 distinct sources. 45.130.203.163 was first reported on February 15th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 sms.ru	2026-06-10 17:51:54 (5 days ago)	/wp-admin/css/autoload_classmap.php	Web App Attack
🇫🇷 Octopuce	2026-06-10 12:27:27 (5 days ago)	Aggressive web search of vulnerable pages: /wp-admin/maint/wonder.php /wp-content/themes/twentytwent ... show more Aggressive web search of vulnerable pages: /wp-admin/maint/wonder.php /wp-content/themes/twentytwentyfour/wonder.php /wp-content/plugins/fix/as ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 17:57:02 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 13:56:52.890177 2026] [security2:error] [pid 1414:tid 1414] [client 45.130.203.163:48135] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hollywooddrummers.mikedeutsch.com"] [uri "/.git/HEAD"] [unique_id "aicCZDDyItDT5qv0H38FEAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 01:00:29 (1 week ago)	Try to connect to Port_Scan_80_stealth	Port Scan
🇫🇷 geot	2026-05-23 15:09:31 (3 weeks ago)	GET /.git/HEAD HTTP/1.1	Hacking Web App Attack
🇺🇸 aks4226	2026-05-23 01:36:14 (3 weeks ago)	Attacking common web applications. (n01)	Web App Attack
Anonymous	2026-05-22 00:50:03 (3 weeks ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇩🇰 ScamAware	2026-05-20 21:20:01 (3 weeks ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensiti ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom. show less	Web App Attack
🇺🇸 jcbriar	2026-05-20 16:03:42 (3 weeks ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇫🇷 masterguru	2026-05-19 13:05:20 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.130.203.163 (EG/Egypt/-): 1 in the ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.130.203.163 (EG/Egypt/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇬🇧 Axel	2026-05-19 02:40:03 (3 weeks ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/HEAD Se ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/HEAD Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇫🇮 as211431.net	2026-05-18 20:38:08 (4 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.git/HEAD UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 paulshipley.com.au	2026-05-18 18:18:43 (4 weeks ago)	[Tue May 19 04:18:42.342081 2026] [security2:error] [pid 157844] [client 45.130.203.163:52901] [clie ... show more [Tue May 19 04:18:42.342081 2026] [security2:error] [pid 157844] [client 45.130.203.163:52901] [client 45.130.203.163] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.stkildashule.org.au"] [uri "/.git/HEAD"] [unique_id "agtYAjbNVhF-1feWJ9tNaQAAAAQ"] ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-18 16:17:51 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 12:17:45.604103 2026] [security2:error] [pid 19871:tid 19871] [client 45.130.203.163:46789] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mangamaster.hongkonger.org"] [uri "/.git/HEAD"] [unique_id "ags7qXMa9ANjk4WD2rw-xwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 ddw	2026-05-18 14:02:12 (4 weeks ago)	ModSecurity detection - Rules: 930130(Restricted File Access Attempt)	Web App Attack

Showing 1 to 15 of 365 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 171.244.39.95

🇷🇺 128.1.46.183

🇮🇹 209.227.244.120

🇺🇸 207.90.244.19

🇧🇷 205.210.31.171

🇳🇱 195.178.110.30

🇧🇷 177.92.162.244

🇰🇷 175.206.1.60

🇮🇩 103.147.237.208

🇮🇹 93.92.72.143

🇺🇸 74.208.140.41

🇱🇹 62.60.130.210

🇳🇱 45.156.87.34

🇳🇱 45.148.10.141

🇨🇦 35.183.130.230

🇦🇺 34.40.140.149

🇮🇪 3.253.43.227

🇪🇸 213.60.255.181

🇨🇴 186.31.95.163

🇨🇳 175.12.108.55