JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.203.179

45.130.203.179 was found in our database!

This IP was reported 366 times. Confidence of Abuse is 80%: ?

80%

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.203.179

Whois 45.130.203.179

IP Abuse Reports for 45.130.203.179:

This IP address has been reported a total of 366 times from 129 distinct sources. 45.130.203.179 was first reported on January 18th 2024, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Dominik Lysiak	2026-06-20 09:35:52 (7 hours ago)	45.130.203.179 - - [20/Jun/2026:11:35:44 +0200] "GET /.env HTTP/1.1" 301 162 "-" "Python-urllib/3.10 ... show more 45.130.203.179 - - [20/Jun/2026:11:35:44 +0200] "GET /.env HTTP/1.1" 301 162 "-" "Python-urllib/3.10" 45.130.203.179 - - [20/Jun/2026:11:35:44 +0200] "GET /.env HTTP/1.1" 404 146 "-" "Python-urllib/3.10" 45.130.203.179 - - [20/Jun/2026:11:35:51 +0200] "GET /.env HTTP/1.1" 404 146 "-" "Python-urllib/3.10" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 08:47:07 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:47:00.088894 2026] [security2:error] [pid 26956:tid 26956] [client 45.130.203.179:23653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.calentadoresdemexico.com.mx"] [uri "/.env"] [unique_id "ajZThF0GhX0WsVvpdW3qIQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 strxmpp	2026-06-20 02:21:09 (14 hours ago)	45.130.203.179 - - [20/Jun/2026:04:21:08 +0200] "GET /.git/HEAD HTTP/1.1" 404 504 "-" "Python-urllib ... show more 45.130.203.179 - - [20/Jun/2026:04:21:08 +0200] "GET /.git/HEAD HTTP/1.1" 404 504 "-" "Python-urllib/3.10" ... show less	Bad Web Bot
🇭🇺 bcsaba	2026-06-19 13:07:05 (1 day ago)	Probing for .env file: 45.130.203.179 - - [19/Jun/2026:15:06:59 +0200] "GET /.env HTTP/1.1" 403 146 ... show more Probing for .env file: 45.130.203.179 - - [19/Jun/2026:15:06:59 +0200] "GET /.env HTTP/1.1" 403 146 "-" "Python-urllib/3.10" show less	Web App Attack
🇬🇧 Axel	2026-06-19 10:33:49 (1 day ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.product ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env.production Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇫🇷 aldene.info	2026-06-19 06:20:24 (1 day ago)	[librenms] Banned by Fail2ban (Jail: syswarden-secretshunter)	Port Scan Hacking Bad Web Bot Web App Attack
🇫🇮 as211431.net	2026-06-19 00:11:50 (1 day ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.env UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-18 22:49:55 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:49:49.262958 2026] [security2:error] [pid 23692:tid 23692] [client 45.130.203.179:46613] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.usaenquirer.com.bamedica.com"] [uri "/.git/HEAD"] [unique_id "ajR2DeKg_DOmbVpuh_M5cwAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 23:40:50 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 19:40:44.945120 2026] [security2:error] [pid 22692:tid 22705] [client 45.130.203.179:62767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hylakaplan.com.howiek.com"] [uri "/.git/HEAD"] [unique_id "ajMwfHAj5WjYhOaicUu0WwAAAUc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 23:00:41 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 19:00:35.740310 2026] [security2:error] [pid 6509:tid 6509] [client 45.130.203.179:31591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "micasafrontgate.joepaladino.com"] [uri "/.git/HEAD"] [unique_id "ajMnE0ScDmjhvrFbKLPRCgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2026-06-10 17:53:14 (1 week ago)	/vendor/phpunit/phpunit/src/Util/PHP/bypass.php	Web App Attack
🇫🇷 Octopuce	2026-06-10 12:26:05 (1 week ago)	Aggressive web search of vulnerable pages: /wp-includes/ID3/about.php /wp-content/languages/404.php ... show more Aggressive web search of vulnerable pages: /wp-includes/ID3/about.php /wp-content/languages/404.php /update/403.php /default.php /wp-includes/a ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 14:10:42 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 45.130.203.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:10:35.180345 2026] [security2:error] [pid 21520:tid 21520] [client 45.130.203.179:29977] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jchiggins.nashes.net"] [uri "/.git/HEAD"] [unique_id "aibNW9KnudaupPvOd4DF2QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 pinguin	2026-06-08 09:54:19 (1 week ago)	Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET meth ... show more Triggered Cloudflare WAF (firewallManaged) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /.git/HEAD UA: Python-urllib/3.10 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 mnsf	2026-06-07 03:06:21 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack

Showing 1 to 15 of 366 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 212.32.76.48

🇮🇶 169.224.59.118

🇳🇱 92.112.126.183

🇲🇦 41.141.84.223

🇺🇸 23.23.214.190

🇧🇷 172.71.163.149

🇻🇳 160.191.165.249

🇨🇳 116.179.33.201

🇮🇳 103.99.199.63

🇹🇭 49.231.31.226

🇻🇳 203.171.29.193

🇨🇳 183.6.187.229

🇵🇰 182.189.61.120

🇺🇸 172.234.192.12

🇷🇴 92.118.39.213

🇵🇱 91.226.70.218

🇺🇸 47.251.111.228

🇺🇸 45.79.109.193

🇭🇰 152.32.215.224

🇺🇸 100.29.192.13