JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.131.65.182

45.131.65.182 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 100%: ?

100%

ISP	ByteHosting
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203446
Hostname(s)	182.65.131.45.in-addr.arpa
Domain Name	bytehosting.cloud
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.131.65.182

Whois 45.131.65.182

IP Abuse Reports for 45.131.65.182:

This IP address has been reported a total of 21 times from 21 distinct sources. 45.131.65.182 was first reported on June 26th 2026, and the most recent report was 22 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 largo-it.net	2026-06-27 17:43:40 (22 minutes ago)	Jun 27 19:43:31 vps-9f3cdc33 haproxy[955134]: 45.131.65.182:52082 [27/Jun/2026:19:43:31.033] www_fro ... show more Jun 27 19:43:31 vps-9f3cdc33 haproxy[955134]: 45.131.65.182:52082 [27/Jun/2026:19:43:31.033] www_frontend~ finance_cluster/finance1_test1_https 0/0/10/50/60 404 3252 - - ---- 37/5/0/0/0 0/0 "GET /env HTTP/1.1" Jun 27 19:43:32 vps-9f3cdc33 haproxy[955134]: 45.131.65.182:49594 [27/Jun/2026:19:43:32.850] www_frontend~ finance_cluster/finance1_test1_https 0/0/11/72/83 404 3252 - - ---- 50/18/4/4/0 0/0 "GET /backend/.env HTTP/1.1" Jun 27 19:43:32 vps-9f3cdc33 haproxy[955134]: 45.131.65.182:49642 [27/Jun/2026:19:43:32.851] www_frontend~ finance_cluster/finance1_test1_https 0/0/11/75/86 404 3252 - - ---- 50/18/3/3/0 0/0 "GET /.aws/credentials HTTP/1.1" Jun 27 19:43:32 vps-9f3cdc33 haproxy[955134]: 45.131.65.182:49630 [27/Jun/2026:19:43:32.852] www_frontend~ finance_cluster/finance1_test1_https 0/0/10/94/104 404 3252 - - ---- 50/18/2/2/0 0/0 "GET /config.json HTTP/1.1" Jun 27 19:43:32 vps-9f3cdc33 haproxy[955134]: 45.131.65.182:49612 [27/Jun/2026:19:43:32.861] www_frontend~ finance_cluster/fin ... show less	Hacking Bad Web Bot Web App Attack
🇨🇭 zynex	2026-06-27 17:34:41 (31 minutes ago)	URL Probing: /.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 17:15:24 (51 minutes ago)	(mod_security) mod_security (id:210492) triggered by 45.131.65.182 (182.65.131.45.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 45.131.65.182 (182.65.131.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 13:15:19.602878 2026] [security2:error] [pid 9715:tid 9736] [client 45.131.65.182:56068] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "latinofederation.org"] [uri "/.git/HEAD"] [unique_id "akAFJ4jMB8ZFw76iy82JEwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-27 17:02:57 (1 hour ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 Victor López	2026-06-27 16:56:06 (1 hour ago)	lavadodepisosbogota.com 45.131.65.182 - - [27/Jun/2026:11:56:03 -0500] "GET /.git/HEAD HTTP/1.1" 403 ... show more lavadodepisosbogota.com 45.131.65.182 - - [27/Jun/2026:11:56:03 -0500] "GET /.git/HEAD HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" lavadodepisosbogota.com 45.131.65.182 - - [27/Jun/2026:11:56:04 -0500] "GET /.env.local HTTP/1.1" 404 10319 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" lavadodepisosbogota.com 45.131.65.182 - - [27/Jun/2026:11:56:05 -0500] "GET /.env HTTP/1.1" 404 10319 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
Anonymous	2026-06-27 12:57:04 (5 hours ago)	Bot / scanning and/or hacking attempts: GET /.env.development HTTP/1.1, GET /.env.production HTTP/1. ... show more Bot / scanning and/or hacking attempts: GET /.env.development HTTP/1.1, GET /.env.production HTTP/1.1, GET /backend/.env HTTP/1.1, HEAD / HTTP/1.1, GET /env HTTP/1.1, GET /.git/HEAD HTTP/1.1, GET /config.json HTTP/1.1, GET /js/config.js HTTP/1.1, GET /.env.local HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET /.git/config HTTP/1.1, GET /api/.env HTTP/1.1, GET / HTTP/1.1, GET /.env HTTP/1.1 show less	Hacking Web App Attack
Anonymous	2026-06-27 11:15:02 (6 hours ago)	suspicious request in access.log	Web App Attack
🇫🇷 Guardian	2026-06-27 10:24:40 (7 hours ago)	Multi abuses [2]: Unauthorized connection attempt / Port scanning (x3), Unauthorized attempt to retr ... show more Multi abuses [2]: Unauthorized connection attempt / Port scanning (x3), Unauthorized attempt to retrieve configuration file 45.131.65.182 [27/Jun/2026:10:24:38] "HEAD / HTTP/1.1" 45.131.65.182 [27/Jun/2026:10:24:38] "HEAD / HTTP/1.1" 45.131.65.182 [27/Jun/2026:10:24:39] "GET / HTTP/1.1" 45.131.65.182 [27/Jun/2026:10:24:39] "GET /.git/HEAD HTTP/1.1" 45.131.65.182 [27/Jun/2026:10:24:39] "GET /.env HTTP/1.1" show less	Port Scan Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-27 01:23:09 (16 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇷🇺 DZBOT	2026-06-27 00:06:00 (18 hours ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 mnsf	2026-06-27 00:05:32 (18 hours ago)	Scanning/Probing (11)	Brute-Force Web App Attack
🇳🇱 globcom	2026-06-26 23:23:29 (18 hours ago)	General hacking/exploits/scanning	Web App Attack
🇧🇪 cmbplf	2026-06-26 22:29:57 (19 hours ago)	236 requests with url.path .env 183 requests with url.path .git/*	Brute-Force Bad Web Bot
🇯🇵 ki3	2026-06-26 21:48:04 (20 hours ago)	Fail2Ban: Web App Attacks and Forum Spam 45.131.65.182 1782510484.0(JST)	Web Spam Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-26 21:07:36 (20 hours ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 134.209.202.49

🇰🇷 211.37.174.62

🇺🇸 172.56.198.80

🇺🇸 170.106.174.205

🇫🇮 147.185.133.193

🇵🇹 109.50.185.153

🇱🇧 94.187.16.97

🇫🇷 85.217.140.26

🇹🇷 78.189.162.27

🇨🇳 49.115.217.27

🇺🇸 44.195.14.106

🇺🇸 44.110.8.162

🇸🇬 43.160.215.203

🇵🇱 23.230.80.113

🇧🇪 198.235.24.238

🇦🇿 185.146.115.218

🇸🇬 139.59.105.31

🇵🇰 110.93.224.226

🇧🇩 103.171.233.156

🇿🇦 102.251.75.1