JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.81.30

45.130.81.30 was found in our database!

This IP was reported 99 times. Confidence of Abuse is 10%: ?

10%

ISP	VPN Consumer Kiev, Ukraine
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇺🇦 Ukraine
City	Kyiv, Kyiv City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.81.30

Whois 45.130.81.30

IP Abuse Reports for 45.130.81.30:

This IP address has been reported a total of 99 times from 33 distinct sources. 45.130.81.30 was first reported on May 1st 2023, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-01 22:34:25 (2 weeks ago)		Brute-Force Web App Attack
Anonymous	2026-06-01 19:44:17 (2 weeks ago)	Fail2Ban triggered	Web App Attack
🇫🇷 SpaceHost-Server	2026-04-08 22:31:47 (2 months ago)		Brute-Force Web App Attack
Anonymous	2026-04-08 16:44:07 (2 months ago)	Fail2Ban triggered	Web App Attack
🇬🇧 pinguin	2026-03-15 13:06:37 (3 months ago)	Triggered Cloudflare WAF (firewallManaged) from UA. Action taken: LOG Protocol: HTTP/2 (HEAD method) ... show more Triggered Cloudflare WAF (firewallManaged) from UA. Action taken: LOG Protocol: HTTP/2 (HEAD method) Endpoint: /back/www.tar UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-12 02:31:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 22:31:53.226595 2026] [security2:error] [pid 26752:tid 26752] [client 45.130.81.30:26401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thegoldentether.com"] [uri "/sftp-config.json"] [unique_id "abIlmT3W4D9eOm2wZwFvYgAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-17 17:05:48 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 12:05:41.972721 2026] [security2:error] [pid 8914:tid 8914] [client 45.130.81.30:60761] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|headcount.dev\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "headcount.dev"] [uri "/backup/mysql.sql"] [unique_id "aZSf5YTdhyztrnzCgUkVgAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 04:05:52 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:05:44.271932 2026] [security2:error] [pid 3632:tid 3632] [client 45.130.81.30:61335] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bitcointoolshop.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcointoolshop.com"] [uri "/old/dump.sql"] [unique_id "aZFGGKtegTJxwjuh___CcwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 island-freaks.com	2026-01-23 06:33:32 (4 months ago)	Attack Type: WordPress Exploit Bot attempt on /bak/backup.gz \| DNS 45.130.81.30 \| Agent: none	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack
🇺🇸 Penny Packer	2026-01-15 22:31:23 (5 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇳🇿 Tripwire	2026-01-07 03:56:45 (5 months ago)	Scanning for backup files - /archive.zip	Web App Attack
🇺🇸 TPI-Abuse	2025-12-14 17:50:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 14 12:50:02.642550 2025] [security2:error] [pid 14552:tid 14552] [client 45.130.81.30:61147] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jussetcotradinglimited.co"] [uri "/old/sftp-config.json"] [unique_id "aT74ymGtQJ8Tp9kWAKFhmwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2025-12-13 04:51:05 (6 months ago)	/backup/index.zip	Hacking Web App Attack
🇺🇸 Penny Packer	2025-12-07 02:19:45 (6 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2025-12-04 21:30:12 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 16:30:05.450276 2025] [security2:error] [pid 23015:tid 23015] [client 45.130.81.30:29469] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|uppermotradingco.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "uppermotradingco.com"] [uri "/backup/mysql.sql"] [unique_id "aTH9XaGuAmFqBWqt7Wf3pAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 99 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇶🇦 2600:1900:4260:40e::123

🇬🇧 198.244.183.209

🇰🇷 121.184.144.232

🇺🇸 107.175.87.129

🇱🇹 81.30.98.44

🇩🇪 45.142.107.99

🇧🇷 189.51.216.20

🇻🇳 183.91.27.6

🇻🇳 171.231.195.144

🇺🇿 144.124.192.139

🇬🇧 87.236.176.177

🇧🇷 45.205.1.241

🇹🇷 31.145.131.202

🇵🇱 23.230.84.230

🇺🇸 20.168.121.119

🇺🇸 216.25.89.94

🇳🇱 176.65.148.84

🇧🇬 94.155.124.98

🇺🇸 17.22.245.235

🇬🇧 2a06:4880:c000::ee