JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.133.7.90

45.133.7.90 was found in our database!

This IP was reported 64 times. Confidence of Abuse is 41%: ?

41%

ISP	VPN-Consumer-NZ
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	legaconetworks.nl
Country	🇳🇿 New Zealand
City	Auckland, Auckland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.133.7.90

Whois 45.133.7.90

IP Abuse Reports for 45.133.7.90:

This IP address has been reported a total of 64 times from 32 distinct sources. 45.133.7.90 was first reported on July 15th 2023, and the most recent report was 56 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-23 00:35:25 (56 minutes ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-06-21 14:09:00 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 HERA - Operations	2026-06-21 13:57:43 (1 day ago)	club-herrmann - searching for vulnerable scripts: autoload_classmap.php 2026/06/21 15:57:42	Web App Attack
🇬🇧 consul.to	2026-06-20 10:37:16 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 01:37:49 (2 days ago)	(mod_security) mod_security (id:240000) triggered by 45.133.7.90 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240000) triggered by 45.133.7.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 21:37:46.053439 2026] [security2:error] [pid 2588:tid 2588] [client 45.133.7.90:50933] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|lamreed.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "lamreed.com"] [uri "/images/stories/themes.php"] [unique_id "ajXu6tf2QoIogjJri6y73QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 17:12:48 (3 days ago)	45.133.7.90 - - [20/Jun/2026:01:12:45 +0800] "GET /css/css.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Wi ... show more 45.133.7.90 - - [20/Jun/2026:01:12:45 +0800] "GET /css/css.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.133.7.90 - - [20/Jun/2026:01:12:45 +0800] "GET /init.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" 45.133.7.90 - - [20/Jun/2026:01:12:46 +0800] "GET /wp-admin/user/wp-login.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" 45.133.7.90 - - [20/Jun/2026:01:12:46 +0800] "GET /autoload_classmap/function.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 45.133.7.90 - - [20/Jun/2026:01:12:46 +0800] "GET /wp-includes/item.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" 45.133 ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 16:37:03 (3 days ago)	(mod_security) mod_security (id:240000) triggered by 45.133.7.90 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240000) triggered by 45.133.7.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:36:57.063740 2026] [security2:error] [pid 28915:tid 28915] [client 45.133.7.90:38703] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|chelseafootballprogrammes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "chelseafootballprogrammes.com"] [uri "/images/stories/themes.php"] [unique_id "ajVwKeL0jfXQe4SF9awnsgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-18 22:32:48 (4 days ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-17 22:32:11 (5 days ago)		Brute-Force Web App Attack
🇺🇸 threatintelligence_bvc	2026-05-30 06:37:45 (3 weeks ago)		Brute-Force
🇺🇦 URAN Publishing Service	2026-05-07 03:31:57 (1 month ago)	45.133.7.90 - - [07/May/2026:06:31:53 +0300] "GET /wp-content/themes/twenty/twenty.php HTTP/1.1" 404 ... show more 45.133.7.90 - - [07/May/2026:06:31:53 +0300] "GET /wp-content/themes/twenty/twenty.php HTTP/1.1" 404 705 "-" "Go-http-client/1.1" 45.133.7.90 - - [07/May/2026:06:31:56 +0300] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 404 705 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇸 rdpguard.com	2026-05-06 23:33:40 (1 month ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇬🇧 consul.to	2026-04-25 06:41:26 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 mnsf	2026-04-23 12:05:22 (1 month ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇺🇸 myagent.site	2026-03-13 01:01:21 (3 months ago)	Blocking for trying to access an exploit file: //chosen.php	Hacking

Showing 1 to 15 of 64 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 78.128.112.74

🇺🇸 13.86.115.177

🇩🇪 213.209.159.227

🇩🇪 207.154.212.47

🇱🇹 194.165.16.163

🇧🇷 189.15.10.179

🇷🇺 185.9.186.238

🇫🇮 173.194.98.26

🇫🇮 147.185.133.191

🇺🇸 147.185.132.164

🇲🇴 125.31.2.160

🇩🇪 116.202.213.58

🇺🇸 104.243.43.19

🇺🇸 104.243.35.92

🇵🇱 91.228.32.70

🇳🇱 91.92.40.231

🇩🇪 51.75.83.120

🇺🇸 45.146.55.75

🇮🇪 20.191.45.212

🇬🇧 195.96.139.192