JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.133.6.96

45.133.6.96 was found in our database!

This IP was reported 97 times. Confidence of Abuse is 40%: ?

40%

ISP	VPN-Consumer-AU
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇦🇺 Australia
City	Perth, Western Australia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.133.6.96

Whois 45.133.6.96

IP Abuse Reports for 45.133.6.96:

This IP address has been reported a total of 97 times from 50 distinct sources. 45.133.6.96 was first reported on November 14th 2023, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-21 06:39:14 (11 hours ago)	Excessive 404/403 errors	Brute-Force
🇬🇧 consul.to	2026-06-21 03:07:55 (14 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-06-18 15:38:14 (3 days ago)	Excessive 404/403 errors	Brute-Force
Anonymous	2026-06-05 08:55:33 (2 weeks ago)	(apache-useragents) Failed apache-useragents trigger with match [Go-http-client/1.1] from 45.133.6.9 ... show more (apache-useragents) Failed apache-useragents trigger with match [Go-http-client/1.1] from 45.133.6.96 (AU/Australia/-): 5 in the last 300 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 45.133.6.96 - - [05/Jun/2026:10:55:28 +0200] "GET /wp-content/themes/chillbud/inc/welcome/assets/img/index.php HTTP/1.1" 301 593 "-" "Go-http-client/1.1" 45.133.6.96 - - [05/Jun/2026:10:55:29 +0200] "GET /wp-content/themes/astra/inc/builder/type/base/dynamic-css/button/index.php HTTP/1.1" 301 623 "-" "Go-http-client/1.1" 45.133.6.96 - - [05/Jun/2026:10:55:29 +0200] "GET /wp-content/themes/neve/assets/apps/dashboard/build/index.php HTTP/1.1" 301 595 "-" "Go-http-client/1.1" 45.133.6.96 - - [05/Jun/2026:10:55:30 +0200] "GET /wp-content/packed.php HTTP/1.1" 301 517 "-" "Go-http-client/1.1" 45.133.6.96 - - [05/Jun/2026:10:55:30 +0200] "GET /wp-content/languages/index.php HTTP/1.1" 301 535 "-" "Go-http-client/1.1" show less	Port Scan
🇨🇭 Origon	2026-06-05 01:05:47 (2 weeks ago)	http-backdoors-attempts - IP: 45.133.6.96 - time="2026-06-05T03:05:46+02:00" level=info msg="(555f6 ... show more http-backdoors-attempts - IP: 45.133.6.96 - time="2026-06-05T03:05:46+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-backdoors-attempts by ip 45.133.6.96 (AU/137409) : 4h ban on Ip 45.133.6.96" module=db show less	Web App Attack
🇿🇦 Tokolosh Hunters	2026-05-19 00:16:52 (1 month ago)	AutoBlockWindow-Known bad useragent query-2026-05-19 00:16:50	Bad Web Bot
🇩🇪 ghostwarriors	2026-05-18 18:20:34 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nyt	2026-05-18 15:09:55 (1 month ago)	404 flood (16/60s), 404 flood (17/60s)	Bad Web Bot Web App Attack
🇵🇱 nfsec.pl	2026-05-18 12:31:30 (1 month ago)	45.133.6.96 - - [18/May/2026:12:31:26 +0000] "GET /templates/Hoxa/error.php HTTP/2.0" 404 23883 "htt ... show more 45.133.6.96 - - [18/May/2026:12:31:26 +0000] "GET /templates/Hoxa/error.php HTTP/2.0" 404 23883 "https://nfsec.pl//templates/Hoxa/error.php" "Go-http-client/2.0" 45.133.6.96 - - [18/May/2026:12:31:27 +0000] "GET /wp-content/plugins/age-restriction/modules/remote_support/remote_init.php HTTP/2.0" 404 23984 "https://nfsec.pl//wp-content/plugins/age-restriction/modules/remote_support/remote_init.php" "Go-http-client/2.0" 45.133.6.96 - - [18/May/2026:12:31:28 +0000] "GET /templates/Cassiopeia/error.php HTTP/2.0" 404 24079 "https://nfsec.pl//templates/Cassiopeia/error.php" "Go-http-client/2.0" 45.133.6.96 - - [18/May/2026:12:31:29 +0000] "GET /templates/RiverS/error.php HTTP/2.0" 404 23878 "https://nfsec.pl//templates/RiverS/error.php" "Go-http-client/2.0" 45.133.6.96 - - [18/May/2026:12:31:29 +0000] "GET /local/moodle_webshell/ HTTP/2.0" 404 23979 "https://nfsec.pl//local/moodle_webshell/index.php" "Go-http-client/2.0" ... show less	Web App Attack Exploited Host
🇮🇹 VHosting	2026-05-18 05:35:02 (1 month ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇬🇧 consul.to	2026-05-06 00:07:34 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 Octopuce	2026-05-05 20:39:59 (1 month ago)	Aggressive web search of vulnerable pages: /wp-admin/css/colors/ocean/about.php /images/index.php /w ... show more Aggressive web search of vulnerable pages: /wp-admin/css/colors/ocean/about.php /images/index.php /wp-content/bypass.php /.well-known/gecko-lit ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-03 05:44:33 (2 months ago)	(mod_security) mod_security (id:234930) triggered by 45.133.6.96 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:234930) triggered by 45.133.6.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 01:44:26.562454 2026] [security2:error] [pid 21533:tid 21533] [client 45.133.6.96:44063] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|bluemarineboats.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "bluemarineboats.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ac9TuuTnnqaYt_zdj5CWZQAAAAA"], referer: http://bluemarineboats.com/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-04-03 02:35:07 (2 months ago)	Blocking for trying to access an exploit file: /style.php	Hacking
🇺🇸 mnsf	2026-03-20 19:05:14 (3 months ago)	Request Overload (141)	Brute-Force Web App Attack

Showing 1 to 15 of 97 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.155.71

🇲🇾 49.124.148.187

🇱🇦 202.137.154.202

🇮🇹 172.253.228.154

🇺🇾 167.56.106.75

🇨🇳 106.75.33.247

🇳🇱 93.123.72.183

🇳🇱 77.83.39.14

🇺🇸 64.62.156.65

🇸🇬 8.219.57.172

🇺🇸 172.253.7.86

🇮🇩 165.154.150.65

🇻🇳 160.191.242.222

🇧🇷 138.94.139.134

🇺🇸 47.253.11.8

🇺🇸 20.65.219.131

🇨🇳 223.167.206.35

🇳🇱 45.148.10.152

🇫🇷 2a01:e0a:8aa:6b70:2ac6:8eff:fe36:f3ca

🇨🇳 218.9.233.223