JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.203.164

45.130.203.164 was found in our database!

This IP was reported 353 times. Confidence of Abuse is 91%: ?

91%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.203.164

Whois 45.130.203.164

IP Abuse Reports for 45.130.203.164:

This IP address has been reported a total of 353 times from 126 distinct sources. 45.130.203.164 was first reported on April 15th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 Saec	2026-06-22 12:30:28 (1 day ago)	Jarvis auto-ban: CF honeypot path /.git/HEAD (2× on saec.me)	Port Scan Web App Attack
Anonymous	2026-06-22 11:34:53 (1 day ago)	45.130.203.164 - - [22/Jun/2026:08:34:47 -0300] "GET /.git/HEAD HTTP/1.1" 403 1810 "-" "Python-urlli ... show more 45.130.203.164 - - [22/Jun/2026:08:34:47 -0300] "GET /.git/HEAD HTTP/1.1" 403 1810 "-" "Python-urllib/3.10" ... show less	Port Scan Hacking SQL Injection Brute-Force Bad Web Bot Exploited Host
🇩🇪 Roper123	2026-06-22 06:46:31 (1 day ago)	Web exploits	Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 18:15:54 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 14:15:51.472527 2026] [security2:error] [pid 5982:tid 5982] [client 45.130.203.164:54045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.holidaycalendarcards.com"] [uri "/.git/HEAD"] [unique_id "ajgqV4pYrWUVywnopajPsAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 14:54:03 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 10:53:56.802993 2026] [security2:error] [pid 16831:tid 16872] [client 45.130.203.164:35485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dcsindo.dcs.co.id"] [uri "/.git/HEAD"] [unique_id "ajf7BGhXz82YW7DM4zf-9gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 mrcrassi	2026-06-21 12:40:18 (2 days ago)	Triggered Cloudflare WAF (bic) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint ... show more Triggered Cloudflare WAF (bic) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 Axel	2026-06-20 13:39:52 (3 days ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-06-20 06:22:18 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 02:22:10.759759 2026] [security2:error] [pid 10298:tid 10298] [client 45.130.203.164:56885] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nchsfootballgolfouting.com"] [uri "/.git/HEAD"] [unique_id "ajYxkqL97uO5IeE4Giy_KQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 01:57:59 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 21:57:53.220381 2026] [security2:error] [pid 5975:tid 5975] [client 45.130.203.164:52637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dorismitchell.com.billymitchell.com"] [uri "/.git/HEAD"] [unique_id "ajXzofopdwPQ_tR0yxSLbQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 20:33:24 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 16:33:16.506679 2026] [security2:error] [pid 9166:tid 9166] [client 45.130.203.164:51537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cain2012.cain2016.org"] [uri "/.env"] [unique_id "ajWnjGzbHEb3O0r_EpQduQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Axel	2026-06-19 10:31:49 (4 days ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇺🇸 MPL	2026-06-19 09:41:06 (4 days ago)	tcp/443 (6 or more attempts)	Port Scan
Anonymous	2026-06-19 04:48:29 (4 days ago)	45.130.203.164 - - [19/Jun/2026:04:48:27 +0000] "GET /.env HTTP/1.1" 403 8277 "-" "Python-urllib/3.1 ... show more 45.130.203.164 - - [19/Jun/2026:04:48:27 +0000] "GET /.env HTTP/1.1" 403 8277 "-" "Python-urllib/3.10" ... show less	Bad Web Bot Web App Attack
🇫🇮 as211431.net	2026-06-19 00:08:57 (4 days ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 paulshipley.com.au	2026-06-18 22:55:09 (5 days ago)	[Fri Jun 19 08:55:07.865612 2026] [security2:error] [pid 586690] [client 45.130.203.164:27737] [clie ... show more [Fri Jun 19 08:55:07.865612 2026] [security2:error] [pid 586690] [client 45.130.203.164:27737] [client 45.130.203.164] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ccideas.com.au"] [uri "/.git/HEAD"] [unique_id "ajR3S03_Feg2cmNjPevOIQAAAAY"] ... show less	Web App Attack

Showing 1 to 15 of 353 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇭 202.29.232.118

🇲🇽 189.167.17.216

🇷🇺 185.221.215.236

🇨🇳 139.210.170.190

🇺🇸 74.207.240.187

🇫🇷 2a01:e0a:821:f270:1972:822c:18a:64c6

🇨🇳 223.199.187.22

🇨🇳 182.92.217.225

🇧🇷 129.121.42.131

🇮🇩 103.97.101.25

🇳🇱 91.92.40.204

🇮🇹 91.80.200.48

🇳🇱 45.148.10.151

🇳🇱 45.148.10.141

🇺🇸 2a13:dcc3:96d3:ff81:7244:f7b3:15f6:7729

🇳🇱 176.65.139.181

🇮🇳 168.144.95.137

🇨🇳 120.48.54.98

🇬🇧 87.236.176.69

🇺🇸 66.132.195.20