JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.130.81.7

45.130.81.7 was found in our database!

This IP was reported 106 times. Confidence of Abuse is 12%: ?

12%

ISP	VPN Consumer Kiev, Ukraine
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇺🇦 Ukraine
City	Kyiv, Kyiv City

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.130.81.7

Whois 45.130.81.7

IP Abuse Reports for 45.130.81.7:

This IP address has been reported a total of 106 times from 30 distinct sources. 45.130.81.7 was first reported on October 7th 2022, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 demonsword	2026-06-03 10:41:55 (2 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: www.expressapisv2.net:443 show less	Open Proxy Port Scan
🇬🇧 AvonleaConsulting	2026-06-02 22:58:05 (2 weeks ago)	Attempts to probe web pages for vulnerable PHP or other applications	Web App Attack
🇬🇧 AvonleaConsulting	2026-06-02 04:57:20 (3 weeks ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇬🇧 relianoid.com	2026-03-21 05:31:26 (3 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇬🇧 pinguin	2026-03-03 14:07:06 (3 months ago)	Triggered Cloudflare WAF (firewallManaged) from UA. Action taken: LOG Protocol: HTTP/2 (HEAD method) ... show more Triggered Cloudflare WAF (firewallManaged) from UA. Action taken: LOG Protocol: HTTP/2 (HEAD method) Endpoint: /old/dump.sql UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-23 19:13:37 (3 months ago)	(mod_security) mod_security (id:240000) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240000) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 14:13:33.680349 2026] [security2:error] [pid 26487:tid 26487] [client 45.130.81.7:39875] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|johnandramonadunn.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "johnandramonadunn.com"] [uri "/images/stories/themes.php"] [unique_id "aZym3WQnybG_4H6oW2Ta9gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-23 19:08:49 (3 months ago)	[redacted] 45.130.81.7 - - [23/Feb/2026:20:08:44 +0100] "GET /admin/controller/extension/extension/ ... show more [redacted] 45.130.81.7 - - [23/Feb/2026:20:08:44 +0100] "GET /admin/controller/extension/extension/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" [redacted] 45.130.81.7 - - [23/Feb/2026:20:08:44 +0100] "GET /admin/editor/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" [redacted] 45.130.81.7 - - [23/Feb/2026:20:08:44 +0100] "GET /admin/images/slider/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" [redacted] 45.130.81.7 - - [23/Feb/2026:20:08:44 +0100] "GET /admin/tmp/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" [redacted] 45.130.81.7 - - [23/Feb/2026:2 ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-19 09:54:35 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 19 04:54:29.723526 2026] [security2:error] [pid 18583:tid 18583] [client 45.130.81.7:38571] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|matteozacchino.dev\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "matteozacchino.dev"] [uri "/backups/www.sql"] [unique_id "aZbd1ehEy6Zn8J08UmRVFAAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-02 16:49:08 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 11:49:01.878139 2026] [security2:error] [pid 1960:tid 1983] [client 45.130.81.7:52463] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|siestakeybch.com\|F\|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "siestakeybch.com"] [uri "/old/wallet.dat"] [unique_id "aVf2_bceF0ygSh3B23r6iwAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-19 07:31:13 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 19 02:31:09.726958 2025] [security2:error] [pid 8261:tid 8261] [client 45.130.81.7:44791] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dudleyanddudley.com"] [uri "/backup/sftp-config.json"] [unique_id "aUT_PX0Qvqju3hFyJQUGqgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2025-12-16 09:53:52 (6 months ago)	/bak/wallet.dat	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-12-11 13:33:38 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 11 08:33:34.511849 2025] [security2:error] [pid 30181:tid 30181] [client 45.130.81.7:27427] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.spectorworld.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.spectorworld.com"] [uri "/bak/backup.sql"] [unique_id "aTrILnB_WmJ1KovSVRY5LAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 Valhalla	2025-12-02 21:16:32 (6 months ago)	/jbn.ai.gz	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-11-30 01:09:59 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 20:09:56.423626 2025] [security2:error] [pid 708932:tid 708959] [client 45.130.81.7:22539] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ethniclivesmatter.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ethniclivesmatter.com"] [uri "/back/dump.sql"] [unique_id "aSuZZEfCXsYB_Xt6xiRapQAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-05 08:02:08 (7 months ago)	(mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 45.130.81.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 05 03:02:04.019335 2025] [security2:error] [pid 26338:tid 26338] [client 45.130.81.7:29967] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mrepoch.art\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mrepoch.art"] [uri "/backups/dump.sql"] [unique_id "aQsEfIa8F2_Jpty9tY6JPAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 106 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇪 217.199.144.86

🇭🇰 156.238.240.205

🇧🇫 102.178.68.247

🇳🇱 91.92.40.171

🇩🇪 31.70.86.139

🇳🇱 5.255.98.168

🇩🇪 195.201.228.157

🇳🇱 193.176.31.148

🇺🇸 193.19.109.190

🇲🇽 189.192.87.193

🇺🇸 159.26.103.77

🇨🇳 120.27.247.75

🇳🇱 91.92.40.202

🇺🇸 65.49.1.232

🇮🇩 36.85.216.240

🇷🇺 31.25.29.163

🇪🇸 208.76.222.220

🇳🇱 195.178.110.30

🇺🇸 135.119.27.130

🇫🇷 85.217.140.26