JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.133.7.70

45.133.7.70 was found in our database!

This IP was reported 71 times. Confidence of Abuse is 57%: ?

57%

ISP	VPN-Consumer-NZ
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇳🇿 New Zealand
City	Auckland, Auckland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.133.7.70

Whois 45.133.7.70

IP Abuse Reports for 45.133.7.70:

This IP address has been reported a total of 71 times from 34 distinct sources. 45.133.7.70 was first reported on April 5th 2024, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-29 13:13:32 (21 hours ago)	Multiple WAF Violations	Web App Attack
🇫🇷 Octopuce	2026-06-27 10:52:35 (2 days ago)	Aggressive web search of vulnerable pages: /wp-header.php /wp-content/themes/admin.php /Marvins.php ... show more Aggressive web search of vulnerable pages: /wp-header.php /wp-content/themes/admin.php /Marvins.php /wp-content/about.php /wp-class.php /xx.php ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 04:40:14 (3 days ago)	(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 00:40:08.261254 2026] [security2:error] [pid 24254:tid 24254] [client 45.133.7.70:59401] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|stlouisdave.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "stlouisdave.com"] [uri "/images/stories/themes.php"] [unique_id "aj9UKFA6HUKe00i5aOtnxwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Rip	2026-06-25 20:20:04 (4 days ago)	Unauthorized access attempts across vhosts probing for web-shells and backdoors.	Web App Attack
🇬🇧 consul.to	2026-06-24 06:00:12 (6 days ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 Site.eu	2026-06-24 03:53:46 (6 days ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 TPI-Abuse	2026-06-24 03:06:57 (6 days ago)	(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:06:50.436201 2026] [security2:error] [pid 13549:tid 13549] [client 45.133.7.70:34589] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|waynemather.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "waynemather.com"] [uri "/images/stories/themes.php"] [unique_id "ajtJyml2nCxflgY6RRr53wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 18:11:54 (1 week ago)	(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 14:11:49.518659 2026] [security2:error] [pid 14885:tid 14885] [client 45.133.7.70:52587] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "87"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|sra-ep.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "sra-ep.org"] [uri "/images/stories/themes.php"] [unique_id "ajl65V50tEeZZodrqbUTUwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-22 05:32:50 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 masterguru	2026-06-22 01:08:22 (1 week ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-201)	Hacking
🇬🇧 consul.to	2026-06-20 07:23:49 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 04:07:14 (1 week ago)	(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 00:07:10.579859 2026] [security2:error] [pid 32692:tid 32692] [client 45.133.7.70:28187] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|bilimkurgumanyagi.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "bilimkurgumanyagi.com"] [uri "/images/stories/themes.php"] [unique_id "ajYR7nt2WLKKpddAhG0B1QAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 17:12:39 (1 week ago)	45.133.7.70 - - [20/Jun/2026:01:12:36 +0800] "GET /images/class-config.php HTTP/1.1" 404 196 "-" "Mo ... show more 45.133.7.70 - - [20/Jun/2026:01:12:36 +0800] "GET /images/class-config.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.133.7.70 - - [20/Jun/2026:01:12:36 +0800] "GET /components/com_jea/views/form/tmpl/size.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)" 45.133.7.70 - - [20/Jun/2026:01:12:36 +0800] "GET /templates/beez/index.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 45.133.7.70 - - [20/Jun/2026:01:12:37 +0800] "GET /bypass.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" 45.133.7.70 - - [20/Jun/2026:01:12:37 +0800] "GET /class.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36" 45.133.7.70 - - [20/Jun/2026:01:1 ... show less	Bad Web Bot Web App Attack
🇩🇪 conseilgouz	2026-06-19 06:11:46 (1 week ago)	doe-7 : Trying access unauthorized files/dir=>/.wp/wso.php	Hacking
🇫🇷 SpaceHost-Server	2026-06-18 22:32:39 (1 week ago)		Brute-Force Web App Attack

Showing 1 to 15 of 71 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.245

🇧🇷 205.210.31.195

🇦🇷 186.128.143.127

🇫🇮 178.20.210.208

🇮🇹 151.33.37.34

🇸🇮 102.220.160.154

🇳🇱 45.153.34.137

🇺🇸 45.79.98.252

🇸🇬 206.189.39.6

🇵🇰 203.109.42.46

🇳🇱 172.253.95.212

🇺🇸 157.173.204.91

🇧🇩 115.127.137.26

🇹🇷 94.123.228.221

🇫🇷 91.196.152.91

🇧🇬 79.124.56.250

🇹🇭 49.49.73.64

🇧🇪 34.76.130.210

🇰🇷 118.44.106.125

🇫🇷 91.231.89.104