JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.142.213.76

45.142.213.76 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 0%: ?

ISP	LIR Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS209847
Domain Name	lir.ae
Country	🇱🇻 Latvia
City	Riga, Riga

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.142.213.76

Whois 45.142.213.76

IP Abuse Reports for 45.142.213.76:

This IP address has been reported a total of 23 times from 9 distinct sources. 45.142.213.76 was first reported on July 20th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 CommanderRoot	2024-08-26 08:51:49 (1 year ago)	HTTP request flood	DDoS Attack Web Spam
🇦🇺 MAGIC	2024-08-16 14:02:58 (1 year ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2024-08-13 06:18:52 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 13 02:18:47.833178 2024] [security2:error] [pid 10610:tid 10610] [client 45.142.213.76:32793] [client 45.142.213.76] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.142.213.76 (+1 hits since last alert)\|www.viajesconmigo.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.viajesconmigo.com"] [uri "/xmlrpc.php"] [unique_id "Zrr6xz8wexdmGyNf7-DUIgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-11 07:40:46 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-08-10 08:22:18 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 04:22:13.826030 2024] [security2:error] [pid 18454:tid 18454] [client 45.142.213.76:34907] [client 45.142.213.76] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.142.213.76 (+1 hits since last alert)\|hopeforthefuture.africa\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hopeforthefuture.africa"] [uri "/xmlrpc.php"] [unique_id "ZrcjNRPPar3jF08RGAQoPQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2024-08-09 06:22:54 (1 year ago)	45.142.213.76 - - [09/Aug/2024:08:22:53 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 45.142.213.76 - - [09/Aug/2024:08:22:53 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
Anonymous	2024-08-08 11:20:17 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇲🇹 Malta	2024-08-05 10:42:46 (1 year ago)	45.142.213.76 - - [05/Aug/2024:12:42:46 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 45.142.213.76 - - [05/Aug/2024:12:42:46 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-08-04 05:09:17 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 01:09:09.655224 2024] [security2:error] [pid 21305:tid 21305] [client 45.142.213.76:61679] [client 45.142.213.76] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.142.213.76 (+1 hits since last alert)\|www.fetchamreadingroom.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.fetchamreadingroom.org"] [uri "/xmlrpc.php"] [unique_id "Zq8M9RlJ6tfCA492rGQ3CQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-03 18:02:14 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 14:02:06.820964 2024] [security2:error] [pid 28554:tid 28554] [client 45.142.213.76:57473] [client 45.142.213.76] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.142.213.76 (+1 hits since last alert)\|www.xrsouthernsummit.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.xrsouthernsummit.org"] [uri "/xmlrpc.php"] [unique_id "Zq5wniPwA-IeqplXs6FN1wAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-03 07:54:46 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 03:54:39.236508 2024] [security2:error] [pid 18607:tid 18708] [client 45.142.213.76:1743] [client 45.142.213.76] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.142.213.76 (+1 hits since last alert)\|councilofforeignministers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "councilofforeignministers.com"] [uri "/xmlrpc.php"] [unique_id "Zq3iPx4LY8HLkMCO7mCJ5gAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-03 03:54:35 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-07-24 06:52:11 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the ... show more (mod_security) mod_security (id:240335) triggered by 45.142.213.76 (lv-vps-15.rasdark.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 24 02:52:05.094143 2024] [security2:error] [pid 16522:tid 16522] [client 45.142.213.76:11055] [client 45.142.213.76] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 45.142.213.76 (+1 hits since last alert)\|www.wild-goose.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.wild-goose.net"] [uri "/xmlrpc.php"] [unique_id "ZqCklZnkpXIW9rtM4easvgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2024-07-24 04:10:23 (1 year ago)	Wordpress malicious attack:[octausername]	Web App Attack
Anonymous	2024-07-24 00:12:29 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.50.235.158

🇳🇱 45.148.10.157

🇨🇳 14.22.23.243

🇬🇧 217.146.80.122

🇷🇺 217.70.22.129

🇺🇸 192.3.196.157

🇬🇧 188.240.59.56

🇺🇸 172.70.231.105

🇻🇳 160.250.186.97

🇮🇩 119.47.90.19

🇺🇸 107.152.44.215

🇭🇰 103.229.125.106

🇨🇿 82.118.30.81

🇨🇳 61.184.21.192

🇫🇮 46.8.64.51

🇵🇪 190.119.63.81

🇺🇸 167.99.101.214

🇨🇦 148.113.221.114

🇨🇳 122.51.78.94

🇹🇼 118.99.153.93