AbuseIPDB » 45.135.193.65

45.135.193.65 was found in our database!

This IP was reported 1,399 times. Confidence of Abuse is 100%: ?

100%

ISP	Pfcloud UG
Usage Type	Data Center/Web Hosting/Transit
ASN	AS51396
Domain Name	pfcloud.io
Country	Germany
City	Langen, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 45.135.193.65

Whois 45.135.193.65

IP Abuse Reports for 45.135.193.65:

This IP address has been reported a total of 1,399 times from 305 distinct sources. 45.135.193.65 was first reported on March 23rd 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Anonymous	2025-04-19 09:52:30 (1 hour ago)	Reported from Nginx log analysis 6. Log: 45.135.193.65 - - [19/Apr/2025:xx:xx:xx 0200] "GET /.env H ... show moreReported from Nginx log analysis 6. Log: 45.135.193.65 - - [19/Apr/2025:xx:xx:xx 0200] "GET /.env HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Safari/537.36" "-" "DE Germany Frankfurt am Main" "AS51396" "Pfcloud UG" show less	Port Scan Brute-Force SSH
Rene Hickersberger	2025-04-19 07:04:26 (4 hours ago)	[2025-04-19T07:04:26Z] Malicious request to /.env	Hacking Bad Web Bot Web App Attack
el-brujo	2025-04-19 06:51:34 (4 hours ago)	19/Apr/2025:08:51:34.282493 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ... show more19/Apr/2025:08:51:34.282493 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 45.135.193.65] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "91.126.217.153"] [uri "/.env"] [unique_id "aANH9jHXdS1YuCZaGkwE_wAAAAc"] ... show less	Hacking Web App Attack
MSZ	2025-04-19 06:48:07 (4 hours ago)	Blocked by Fail2Ban (plesk-modsecurity)	Hacking Brute-Force Web App Attack
PaulSep	2025-04-19 06:45:21 (4 hours ago)	45.135.193.65 - - [19/Apr/2025:08:45:20 +0200] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Linux; ... show more45.135.193.65 - - [19/Apr/2025:08:45:20 +0200] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Linux; Android 6.0; ALE-L21 Build/HuaweiALE-L21) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36" "-" show less	Hacking
middleearth.fr	2025-04-19 06:44:47 (4 hours ago)	HTTP GET on a non-existent endpoint (CMS, .env, aws.yml, ...)	Web App Attack
HoneyPotFRI	2025-04-19 06:43:44 (4 hours ago)	45.135.193.65 - - [19/Apr/2025:08:43:25 +0200] "GET /.env HTTP/1.1" 404 125 "-" "portalmmm/2.0 N410i ... show more45.135.193.65 - - [19/Apr/2025:08:43:25 +0200] "GET /.env HTTP/1.1" 404 125 "-" "portalmmm/2.0 N410i(c20;TB)" 45.135.193.65 [redacted] (51396-Pfcloud UG Germany Frankfurt am Main) - - [19/Apr/2025:0 ... show less	Bad Web Bot Web App Attack
ut-addicted.com	2025-04-19 06:29:19 (5 hours ago)	\[Sat Apr 19 08:29:17.894003 2025\] \[:error\] \[pid 5682:tid 140572048193280\] \[client 45.135.193. ... show more\[Sat Apr 19 08:29:17.894003 2025\] \[:error\] \[pid 5682:tid 140572048193280\] \[client 45.135.193.65:42808\] \[client 45.135.193.65\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/.env"\] \[unique_id "aANCve4BrFk9Lk4K5IWK4gAAAMo"\] show less	Brute-Force Web App Attack
breubit	2025-04-19 06:26:56 (5 hours ago)	45.135.193.65 - - [19/Apr/2025:08:26:55 +0200] "GET /.env HTTP/1.1" 404 3091 "-" "Mozilla/5.0 (Windo ... show more45.135.193.65 - - [19/Apr/2025:08:26:55 +0200] "GET /.env HTTP/1.1" 404 3091 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36" ... show less	Web App Attack
SecondEdge	2025-04-19 06:22:31 (5 hours ago)	A web attack was detected from 45.135.193.65 (Germany) against 52.215.230.232 (Git Variable Scan).	Web App Attack
kumiko	2025-04-19 06:19:21 (5 hours ago)	[2025-04-19 06:19:20] Probing for dotfiles "GET /.env HTTP/1.1" 403	Bad Web Bot Web App Attack
Jim Keir	2025-04-19 06:05:47 (5 hours ago)	2025-04-19 06:05:46 45.135.193.65 File scanning, blocking 45.135.193.65 for 5 minutes	Web App Attack
dpinse	2025-04-19 06:04:27 (5 hours ago)	teler detected CVE-2017-16894 against resource /.env from 45.135.193.65	Web App Attack
PulseServers	2025-04-19 05:44:35 (5 hours ago)	Probing a honeypot for vulnerabilities. Ignored robots.txt - UK10 Honeypot ...	Hacking Web App Attack
Study Bitcoin 🤗	2025-04-19 05:44:20 (5 hours ago)	Port probe to tcp/443 (https) [srv124]	Port Scan Brute-Force Bad Web Bot Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩