JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.81.17

45.130.81.17 was found in our database!

This IP was reported 124 times. Confidence of Abuse is 1%: ?

ISP	VPN Consumer Kiev, Ukraine
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇺🇦 Ukraine
City	Kyiv, Kyiv City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.81.17

Whois 45.130.81.17

IP Abuse Reports for 45.130.81.17:

This IP address has been reported a total of 124 times from 42 distinct sources. 45.130.81.17 was first reported on July 26th 2022, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 screwlooseit.com.au	2026-05-28 14:42:14 (3 weeks ago)	Blocked by CSF 13 firewall - Rule: XMLRPC NL/Netherlands/-	Web App Attack
🇩🇪 Lino Project	2026-04-10 17:12:01 (2 months ago)	45.130.81.17 - - [10/Apr/2026:19:12:00 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https: ... show more 45.130.81.17 - - [10/Apr/2026:19:12:00 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 6555 "https://www.primobio.it/mio-account/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-05 09:38:45 (2 months ago)	Forum/form spam	Web Spam
🇬🇧 pinguin	2026-03-15 13:06:36 (3 months ago)	Triggered Cloudflare WAF (firewallManaged) from UA. Action taken: LOG Protocol: HTTP/2 (HEAD method) ... show more Triggered Cloudflare WAF (firewallManaged) from UA. Action taken: LOG Protocol: HTTP/2 (HEAD method) Endpoint: /restore/backup.rar UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇭🇺 bcsaba	2026-03-04 21:09:46 (3 months ago)	Joomla spam 45.130.81.17 - - [04/Mar/2026:22:09:44 +0100] "GET /index.php?option=com_easyblog&view=d ... show more Joomla spam 45.130.81.17 - - [04/Mar/2026:22:09:44 +0100] "GET /index.php?option=com_easyblog&view=dashboard&layout=write HTTP/1.1" 404 789 "https://REDACTED" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36" show less	Web App Attack
🇨🇭 Origon	2026-02-23 18:00:04 (3 months ago)	http-probing - IP: 45.130.81.17 - time="2026-02-23T19:00:03+01:00" level=info msg="(555f66b4f6a7455 ... show more http-probing - IP: 45.130.81.17 - time="2026-02-23T19:00:03+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 45.130.81.17 (UA/206092) : 4h ban on Ip 45.130.81.17" module=db show less	Web App Attack
Anonymous	2026-02-09 16:10:12 (4 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-02-01 05:12:44 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 00:12:39.558357 2026] [security2:error] [pid 2966985:tid 2967063] [client 45.130.81.17:64085] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "magazineofwallstreet.com"] [uri "/backups/sftp-config.json"] [unique_id "aX7gx1nMaQ8AuyIU55GUvgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2025-12-18 21:01:45 (6 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 08:41:47 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 03:41:42.831842 2025] [security2:error] [pid 9221:tid 9239] [client 45.130.81.17:32963] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.fishrapper.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fishrapper.com"] [uri "/back/sql.sql"] [unique_id "aTU9xr7_Xz-E1YZpKsizQQAAAM8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-04 21:17:14 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 16:17:11.035062 2025] [security2:error] [pid 31837:tid 31853] [client 45.130.81.17:44477] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|magazineofwallstreet.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "magazineofwallstreet.com"] [uri "/old/sql.sql"] [unique_id "aTH6Vw46_fVYpzdYOhMkYAAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 13:48:20 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 08:48:12.690408 2025] [security2:error] [pid 16723:tid 16723] [client 45.130.81.17:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kryptonome.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kryptonome.com"] [uri "/old/dump.sql"] [unique_id "aSr5nG03YBKhmGtxKst1_QAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 15:03:53 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-25 02:20:23 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:20:18.900264 2025] [security2:error] [pid 8294:tid 8294] [client 45.130.81.17:37797] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|headcount.dev\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "headcount.dev"] [uri "/restore/mysql.sql"] [unique_id "aSUSYnEv1Bi-n21Ag-8v_AAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 00:22:33 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 19:22:27.232183 2025] [security2:error] [pid 10604:tid 10604] [client 45.130.81.17:50565] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|jussetcotradinglimited.co\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jussetcotradinglimited.co"] [uri "/old/sql.sql"] [unique_id "aSOlQ9baoWU7PpB_tfMENQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 124 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.25.89.208

🇺🇸 172.236.228.227

🇸🇪 171.25.158.87

🇺🇸 147.185.132.23

🇺🇸 142.93.55.236

🇸🇪 94.234.89.129

🇹🇭 58.136.209.209

🇧🇷 45.180.151.90

🇧🇪 35.241.169.10

🇷🇺 188.191.165.234

🇧🇷 187.16.96.250

🇲🇰 185.193.240.246

🇺🇸 159.223.111.52

🇹🇭 117.121.214.50

🇮🇳 103.55.60.27

🇫🇷 85.217.140.12

🇷🇺 81.177.160.116

🇳🇱 45.148.10.151

🇳🇱 45.148.10.147

🇨🇳 36.99.46.101