JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.131.108.251

45.131.108.251 was found in our database!

This IP was reported 72 times. Confidence of Abuse is 100%: ?

100%

ISP	Tube-Hosting
Usage Type	Data Center/Web Hosting/Transit
ASN	AS49581
Hostname(s)	tube-server.com
Domain Name	tube-hosting.com
Country	🇩🇪 Germany
City	Aachen, North Rhine-Westphalia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.131.108.251

Whois 45.131.108.251

IP Abuse Reports for 45.131.108.251:

This IP address has been reported a total of 72 times from 59 distinct sources. 45.131.108.251 was first reported on May 12th 2023, and the most recent report was 30 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Epimetheus	2026-06-16 06:31:06 (30 minutes ago)	Unauthorized access attempts: [GET] /wp-admin/includes/about.php [GET] /v.php [GET] /radio.php [GET ... show more Unauthorized access attempts: [GET] /wp-admin/includes/about.php [GET] /v.php [GET] /radio.php [GET] /php8.php [GET] /headers.php [GET] /.well-known/classwithtostring.php [GET] /NewFile.php [GET] /wp-activate.php [GET] /bak.php [GET] /wp-fmfile.php [GET] /gecko-new.php [GET] /12.php [GET] /wp-file.php [GET] /wp-content/uploads/2025/03/themes.php [GET] /12.php [GET] /wp-content/plugins/linkpreview/index.php [GET] /wp-content/cache/index.php [GET] /system.php [GET] /wp-content/uploads/2022/10/upload.php [GET] /doc.php [GET] /alfa.php [GET] /lock360.php [GET] /wp-includes/css/index.php [GET] /public/makeasmtp.php [GET] /wp-signup.php [GET] /public/makeasmtp.php [GET] /.well-known/admin.php [GET] /.well-known/file.php [GET] /.well-known/acme-challenge/about.php [GET] /a.php [GET] /f.php [GET] /index.php [GET] /wp-conflg.php [GET] /a.php [GET] /fi2.php [GET] /manager.php [GET] /wp-admin/css/colors/blue/admin.php [GET] /manager.php [GET] /wp-links.php [GET] /02.php [GET] /cho ...(Truncated) show less	Web App Attack
🇱🇻 garmtech.com	2026-06-16 06:22:52 (39 minutes ago)	Attempted access to sensitive endpoint (/wp-content.php.php) detected. Automated scan or unauthorize ... show more Attempted access to sensitive endpoint (/wp-content.php.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇹🇭 thaizone.com	2026-06-16 05:57:50 (1 hour ago)	Hacking attempts against websites (D1) #1	Web App Attack Hacking
🇳🇿 Antinson	2026-06-16 05:40:35 (1 hour ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇺🇸 kbeezie	2026-06-16 05:37:41 (1 hour ago)	45.131.108.251 - - [16/Jun/2026:01:37:40 -0400] "GET /NewFile.php HTTP/1.1" 429 564 "-" "Mozilla/5.0 ... show more 45.131.108.251 - - [16/Jun/2026:01:37:40 -0400] "GET /NewFile.php HTTP/1.1" 429 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 45.131.108.251 - - [16/Jun/2026:01:37:40 -0400] "GET /function.php HTTP/1.1" 429 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 45.131.108.251 - - [16/Jun/2026:01:37:40 -0400] "GET /plugins.php HTTP/1.1" 429 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 45.131.108.251 - - [16/Jun/2026:01:37:40 -0400] "GET /wp-includes/about.php HTTP/1.1" 429 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 45.131.108.251 - - [16/Jun/2026:01:37:40 -0400] "GET /xxx.php HTTP/1.1" 429 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇬🇷 setupgr	2026-06-16 05:32:24 (1 hour ago)	(mod_security) mod_security (id:1000001) triggered by 45.131.108.251: 1 in the last 86400 secs; Port ... show more (mod_security) mod_security (id:1000001) triggered by 45.131.108.251: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 08:32:20.373338 2026] [security2:error] [pid 2210175:tid 2210248] [client 45.131.108.251:61265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/13.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /13.php"] [severity "CRITICAL"] [tag "security"] [hostname "www.babis.photo"] [uri "/13.php"] [unique_id "ajDf5H9oGssBgNwsPFtpdwAAAFE"] show less	Port Scan
🇳🇱 Mangelot Hosting	2026-06-16 04:59:45 (2 hours ago)	(php_susp_dir) srv101 PHP in suspicious dir 45.131.108.251 (NL/The Netherlands/tube-server.com): 1 i ... show more (php_susp_dir) srv101 PHP in suspicious dir 45.131.108.251 (NL/The Netherlands/tube-server.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 paissangroup	2026-06-16 04:55:14 (2 hours ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-06-16 04:51:11 (2 hours ago)	Bot / seems abusive / Apache connections: 37	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-16 04:47:31 (2 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 antlac1	2026-06-16 04:45:29 (2 hours ago)	crowdsecurity/http-crawl-non_statics	Brute-Force Web App Attack
🇧🇪 taivas.nl	2026-06-16 04:33:22 (2 hours ago)	Many_bad_calls	Web App Attack
🇩🇪 macrob	2026-06-16 04:08:38 (2 hours ago)	2026/06/16 04:08:33 [error] 2619727#2619727: 308819479 access forbidden by rule, client: 45.131.108 ... show more 2026/06/16 04:08:33 [error] 2619727#2619727: 308819479 access forbidden by rule, client: 45.131.108.251, server: antzfund.com, request: "GET /wp-content/ HTTP/1.1", host: "antzfund.com" 2026/06/16 04:08:33 [error] 2619725#2619725: 308819544 access forbidden by rule, client: 45.131.108.251, server: antzfund.com, request: "GET /wp-content/plugins/xt/ HTTP/1.1", host: "antzfund.com" 2026/06/16 04:08:34 [error] 2619727#2619727: 308819499 access forbidden by rule, client: 45.131.108.251, server: antzfund.com, request: "GET /wp-content/plugins/xt HTTP/1.1", host: "antzfund.com" ... show less	Web App Attack
🇪🇸 el-brujo	2026-06-16 03:48:12 (3 hours ago)	[Tue Jun 16 05:48:11.443923 2026] [proxy_fcgi:error] [pid 3297869:tid 3297919] [remote 45.131.108.25 ... show more [Tue Jun 16 05:48:11.443923 2026] [proxy_fcgi:error] [pid 3297869:tid 3297919] [remote 45.131.108.251:0] AH01071: Got error 'Primary script unknown\n' [Tue Jun 16 05:48:11.574117 2026] [proxy_fcgi:error] [pid 3297869:tid 3297924] [remote 45.131.108.251:0] AH01071: Got error 'Primary script unknown\n' ... show less	Hacking Web App Attack
🇩🇪 maxpower	2026-06-16 03:28:39 (3 hours ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 45.131.108.251 (tube-server.com): 1 in the la ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 45.131.108.251 (tube-server.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 45.131.108.251 - - [16/Jun/2026:05:28:36 +0200] "GET /lock360.php HTTP/1.1" 404 8898 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=spazioitaliaarteinmovimento.it show less	Port Scan

Showing 1 to 15 of 72 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.207

🇰🇷 112.216.129.27

🇰🇷 211.62.96.42

🇻🇪 201.243.244.16

🇫🇮 178.20.210.208

🇯🇵 160.251.233.37

🇫🇮 147.185.133.80

🇳🇱 91.92.40.7

🇸🇬 85.203.23.14

🇫🇷 84.17.60.251

🇺🇸 45.131.193.88

🇺🇸 35.252.173.15

🇬🇧 35.203.210.239

🇳🇱 34.32.138.173

🇺🇸 174.75.211.217

🇺🇸 172.210.9.172

🇩🇪 167.94.146.47

🇨🇦 165.227.38.106

🇺🇸 108.181.23.81

🇨🇦 85.217.149.34