JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.133.176.20

45.133.176.20 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 34%: ?

34%

ISP	Turkbil Telekomunikasyon
Usage Type	Data Center/Web Hosting/Transit
ASN	AS21859
Domain Name	turkbil.net.tr
Country	🇹🇼 Taiwan
City	Taipei, Taiwan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.133.176.20

Whois 45.133.176.20

IP Abuse Reports for 45.133.176.20:

This IP address has been reported a total of 18 times from 13 distinct sources. 45.133.176.20 was first reported on July 23rd 2024, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TAY	2026-06-26 04:32:04 (15 hours ago)	45.133.176.20 - - [26/Jun/2026:12:22:58 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 ... show more 45.133.176.20 - - [26/Jun/2026:12:22:58 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36" 45.133.176.20 - - [26/Jun/2026:12:27:38 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/82.0.0.0 Safari/537.36" 45.133.176.20 - - [26/Jun/2026:12:32:03 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6433 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/86.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 integrantservices.com	2026-06-24 17:19:33 (2 days ago)	(wordpress) Failed wordpress login from 45.133.176.20 (TW/Taiwan/-)	Brute-Force
🇺🇸 cwytech	2026-06-24 13:42:34 (2 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wp-us-login-only-high.	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 11:42:08 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 45.133.176.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 45.133.176.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 07:42:03.684122 2026] [security2:error] [pid 15437:tid 15437] [client 45.133.176.20:20431] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|monogay.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "monogay.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajvCi8MI-9lAUMrfY_3JLQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇳 dineshskt4all	2026-06-20 19:52:10 (6 days ago)	[Sat Jun 20 19:51:49.140769 2026] [proxy_fcgi:error] [pid 759980:tid 136923925530304] [client 45.133 ... show more [Sat Jun 20 19:51:49.140769 2026] [proxy_fcgi:error] [pid 759980:tid 136923925530304] [client 45.133.176.20:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force
🇻🇳 hirosume2	2026-04-07 00:23:22 (2 months ago)	DDoS composite score 34.6 (challenge tier) - 4 reqs/5min - high_traffic	DDoS Attack
🇺🇸 myagent.site	2026-02-22 16:27:41 (4 months ago)	Blocking for trying to access an exploit file: /images/upload.php	Hacking
🇺🇸 TPI-Abuse	2026-02-16 07:57:39 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 45.133.176.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 45.133.176.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 16 02:53:46.674066 2026] [security2:error] [pid 23907:tid 23907] [client 45.133.176.20:40301] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|thebeesgold.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "thebeesgold.com"] [uri "/images/stories/themes.php"] [unique_id "aZLNCh6Ua_TfWxFsKbIjcwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-06 18:20:56 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 45.133.176.20 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 45.133.176.20 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 13:20:50.595743 2026] [security2:error] [pid 31084:tid 31084] [client 45.133.176.20:54623] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|intra.es\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "intra.es"] [uri "/images/stories/themes.php"] [unique_id "aYYxAiA1xBsZtQRW1iAQDQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-09-05 21:05:09 (9 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2025-09-03 23:00:22 (9 months ago)	Malicious activity detected	Hacking Web App Attack
Anonymous	2025-09-03 22:07:15 (9 months ago)	Trawling for Open Source CMS installs	Hacking Brute-Force
🇦🇺 oncord	2025-03-30 02:48:59 (1 year ago)	Form spam	Web Spam
Anonymous	2025-03-21 06:20:25 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-02-20 18:35:53 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.197.14.60

🇹🇭 182.52.109.76

🇺🇸 147.185.132.0

🇺🇸 98.84.45.137

🇳🇱 91.92.40.4

🇺🇸 34.205.50.0

🇨🇦 24.122.136.94

🇸🇬 4.194.31.84

🇺🇸 205.210.31.0

🇺🇸 198.98.62.211

🇪🇬 197.46.234.209

🇺🇸 162.216.150.0

🇻🇳 160.250.181.54

🇩🇪 69.5.169.125

🇳🇱 45.153.34.43

🇬🇧 35.203.211.221

🇺🇸 216.25.89.131

🇹🇼 198.235.24.0

🇩🇪 167.94.146.0

🇮🇳 122.161.241.228