AbuseIPDB » 45.138.16.113

45.138.16.113 was found in our database!

This IP was reported 731 times. Confidence of Abuse is 72%: ?

72%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	1337 Services GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS210558
Domain Name	as210558.net
Country	Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 45.138.16.113

Whois 45.138.16.113

IP Abuse Reports for 45.138.16.113:

This IP address has been reported a total of 731 times from 174 distinct sources. 45.138.16.113 was first reported on July 30th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
dynamix	2025-06-14 13:54:08 (2 days ago)	Multiple WAF Violations	Web App Attack
Site.eu	2025-06-13 23:09:53 (2 days ago)	Excessive multi-domain requests	Brute-Force
TPI-Abuse	2025-06-13 09:43:23 (3 days ago)	(mod_security) mod_security (id:210730) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 13 05:43:15.794011 2025] [security2:error] [pid 754444:tid 754444] [client 45.138.16.113:33254] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||robertgregorybrowne.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "robertgregorybrowne.com"] [uri "/main_wordpress.sql"] [unique_id "aEvys7vTsM0qE_iC3JS3vQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
ozisp.com.au	2025-06-12 12:06:54 (4 days ago)	null_null_<33>1749730011 [1:2522086:5917] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic ... show morenull_null_<33>1749730011 [1:2522086:5917] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 45.138.16.113:56900 show less	Open Proxy
dynamix	2025-06-12 10:26:29 (4 days ago)	Multiple WAF Violations	Web App Attack
Pingger Shikkoken	2025-06-11 14:52:56 (5 days ago)	2025-06-11T14:52:56+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more2025-06-11T14:52:56+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=45.138.16.113 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x40 TTL=56 ID=5725 DF PROTO=TCP SPT=23118 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 2025-06-11T14:52:57+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=45.138.16.113 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x40 TTL=56 ID=56881 DF PROTO=TCP SPT=23132 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 2025-06-11T14:52:57+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=45.138.16.113 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x40 TTL=56 ID=5726 DF PROTO=TCP SPT=23118 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
TPI-Abuse	2025-06-11 12:00:05 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 11 07:59:58.094324 2025] [security2:error] [pid 1920994:tid 1920994] [client 45.138.16.113:18138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kontikimotorcycles.com"] [uri "/wp-config.php.save.10"] [unique_id "aElvvsGC8JvGU1hkVR9OxgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-06-11 10:22:01 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 11 06:21:54.997620 2025] [security2:error] [pid 1222974:tid 1222974] [client 45.138.16.113:38798] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.memorylanemovies.com"] [uri "/.git/config"] [unique_id "aElYwnyuxKV8v0DetQoF2QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
dynamix	2025-06-10 17:53:14 (5 days ago)	Multiple WAF Violations	Web App Attack
TPI-Abuse	2025-06-10 12:10:53 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 10 08:10:47.822034 2025] [security2:error] [pid 25728:tid 25822] [client 45.138.16.113:27644] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lvfinestproperty.com"] [uri "/wp-config.php.save.4"] [unique_id "aEggx3W5YVxs-ra6k_6KoAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Burayot	2025-06-09 17:41:19 (6 days ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.138.16.113 (PL/Poland/-): 1 in t ... show moreLF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.138.16.113 (PL/Poland/-): 1 in the last 3600 secs show less	Web App Attack
TPI-Abuse	2025-06-09 03:15:00 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 45.138.16.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 08 23:14:53.006424 2025] [security2:error] [pid 60124:tid 60124] [client 45.138.16.113:13700] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bisbyphotography.com"] [uri "/.git/config"] [unique_id "aEZRrdlNU-NVOGuFuQ2_rwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
digitallodge.cloud	2025-06-08 23:40:23 (1 week ago)	Blocked on port 47974 (TTL:199, LEN:141, TOS:0x00). Reason: UFW BLOCK IN=eth0 OUT= MAC=00:11:22:33:4 ... show moreBlocked on port 47974 (TTL:199, LEN:141, TOS:0x00). Reason: UFW BLOCK IN=eth0 OUT= MAC=00:11:22:33:44:55 SRC=45.138.16.113 DST=45.134.39.16 LEN=141 TOS=0x00 PREC=0x00 TTL=199 ID=12345 PROTO=TCP SPT=12345 DPT=47974 WINDOW=65535 RES=0x00 SYN URGP=0. Reported by DigitalLodge Security. show less	Hacking Brute-Force
vexhost.pl	2025-06-08 16:34:13 (1 week ago)	Suspicous activity [srv-R9-1] | 2025-06-08 16:34:13 UTC	Brute-Force
vexhost.pl	2025-06-08 13:20:03 (1 week ago)	Suspicous activity [srv-R9-1] | 2025-06-08 13:20:02 UTC	Brute-Force

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩