JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.203.177

45.130.203.177 was found in our database!

This IP was reported 341 times. Confidence of Abuse is 80%: ?

80%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.203.177

Whois 45.130.203.177

IP Abuse Reports for 45.130.203.177:

This IP address has been reported a total of 341 times from 126 distinct sources. 45.130.203.177 was first reported on August 29th 2023, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 08:47:07 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:47:00.405842 2026] [security2:error] [pid 15645:tid 15645] [client 45.130.203.177:57029] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.calentadoresdemexico.com.mx"] [uri "/.env.production"] [unique_id "ajZThP9YFtCSy8glAGD2kwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Axel	2026-06-19 10:31:52 (1 day ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.product ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.production Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇫🇮 as211431.net	2026-06-19 00:09:03 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-18 06:06:44 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 02:06:38.115373 2026] [security2:error] [pid 4166:tid 4166] [client 45.130.203.177:22693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3dprinting.raynernet.com"] [uri "/.git/HEAD"] [unique_id "ajOK7hYBnUdp8jnozrkxvgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-06-17 05:50:05 (3 days ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
Anonymous	2026-06-17 05:40:43 (3 days ago)	Fail2Ban triggered	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 00:51:15 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:51:12.039569 2026] [security2:error] [pid 19353:tid 19353] [client 45.130.203.177:35521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "4940brooklinedr.com.13waggoners.com"] [uri "/.git/HEAD"] [unique_id "ajHvgMgYVe5o6EUSQLrFTQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2026-06-10 17:52:48 (1 week ago)	/wp-admin/css/colors/coffee/index.php	Web App Attack
🇫🇷 Octopuce	2026-06-10 12:28:39 (1 week ago)	Aggressive web search of vulnerable pages: /wp-content/cache/ /assets/images/ /wp-admin/js/widgets/ ... show more Aggressive web search of vulnerable pages: /wp-content/cache/ /assets/images/ /wp-admin/js/widgets/ /wp-includes/random_compat/ /wp-content/plu ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 12:45:01 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.177 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:44:57.207922 2026] [security2:error] [pid 25690:tid 25695] [client 45.130.203.177:32725] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.festival.ramona.town"] [uri "/.git/HEAD"] [unique_id "aia5SdIX9MvrRKrRCE_B9QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-07 03:06:21 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇩🇪 webanyone	2026-05-23 10:00:15 (4 weeks ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇫🇷 masterguru	2026-05-23 09:57:18 (4 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.130.203.177 (EG/Egypt/-): 1 in the ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.130.203.177 (EG/Egypt/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇦🇺 FireGuard Server	2026-05-23 09:35:05 (4 weeks ago)	Blocked by OPNsense firewall; 7 hits, proto=tcp, ports=443	Port Scan Hacking
🇩🇪 CK_beats	2026-05-23 04:55:02 (4 weeks ago)	Blocked by os-abuseipdb on OPNsense firewall KN-FW01; 7 hits, proto=tcp, ports=80	Port Scan Hacking

Showing 1 to 15 of 341 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 161.18.234.168

🇺🇸 96.78.175.36

🇭🇰 47.82.75.232

🇬🇹 190.61.100.167

🇦🇷 186.39.158.218

🇿🇦 165.165.132.134

🇨🇳 112.86.225.14

🇮🇳 106.205.203.11

🇳🇱 91.92.40.50

🇺🇸 44.222.69.91

🇸🇬 43.160.204.7

🇨🇴 38.51.233.74

🇬🇧 35.203.210.221

🇺🇸 20.168.0.72

🇮🇪 207.254.29.22

🇳🇱 185.93.89.167

🇬🇧 185.91.69.196

🇮🇩 182.9.34.54

🇻🇳 160.250.132.20

🇨🇴 149.78.168.69