JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.67.97.63

45.67.97.63 was found in our database!

This IP was reported 56 times. Confidence of Abuse is 0%: ?

ISP	Legaco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS40676
Domain Name	legaconetworks.nl
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.67.97.63

Whois 45.67.97.63

IP Abuse Reports for 45.67.97.63:

This IP address has been reported a total of 56 times from 32 distinct sources. 45.67.97.63 was first reported on July 26th 2022, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇿 Antinson	2025-12-22 11:10:41 (5 months ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇱🇺 conseilgouz	2025-12-15 03:27:21 (5 months ago)	are-17 : Block hidden directories=>/.env(/)	Hacking
🇺🇸 myagent.site	2025-12-15 00:18:09 (5 months ago)	Blocking for trying to access an exploit file: /.env	Hacking
🇨🇭 teamsecure	2025-12-14 18:59:09 (5 months ago)	Banned for trying to access env	Web App Attack
🇩🇪 FeG Deutschland	2025-12-14 14:54:25 (5 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-12-14 12:32:21 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.67.97.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.67.97.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 14 07:32:17.658060 2025] [security2:error] [pid 14154:tid 14154] [client 45.67.97.63:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "isimsiz.xyz"] [uri "/.env"] [unique_id "aT6uUVfKDKDRh9k0xpp0RAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-12-14 07:29:13 (5 months ago)	101 requests with url.path *.env	Brute-Force Bad Web Bot
🇺🇸 mnsf	2025-12-14 00:05:36 (5 months ago)	Too many Status 40X (17) Request Overload (102)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-13 23:32:37 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.67.97.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.67.97.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 13 18:32:32.796603 2025] [security2:error] [pid 30167:tid 30167] [client 45.67.97.63:47427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americanacademyofteachersofsinging.org"] [uri "/.env"] [unique_id "aT33kLHWbpHpz0V1yWoxcAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Major Hostility	2025-12-13 16:52:17 (5 months ago)	"GET /.env HTTP/1.1" 404 "GET /.env HTTP/1.1" 404	Web App Attack
🇺🇸 TPI-Abuse	2025-12-13 12:01:26 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.67.97.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.67.97.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 13 07:01:22.190050 2025] [security2:error] [pid 12724:tid 12724] [client 45.67.97.63:30225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "turquoisetidestravel.com"] [uri "/.env"] [unique_id "aT1VknFfFhiSwbih7wkf8wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2025-12-13 03:53:51 (5 months ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2025-12-13 03:21:51 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 45.67.97.63 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.67.97.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 12 22:21:47.921407 2025] [security2:error] [pid 27664:tid 27664] [client 45.67.97.63:57641] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gunningphysio.com"] [uri "/.env"] [unique_id "aTzby0PC5rBp3T1chPCQDAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 teamsecure	2025-12-13 00:05:21 (5 months ago)	Banned for trying to access env	Web App Attack
🇷🇺 DZBOT	2025-12-12 20:23:11 (5 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 56 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 14.103.117.73

🇺🇸 216.25.89.156

🇨🇭 209.99.190.113

🇹🇳 197.5.145.150

🇺🇸 193.203.127.5

🇪🇨 186.4.240.226

🇮🇱 185.28.155.55

🇺🇸 172.56.74.1

🇵🇰 153.117.8.130

🇺🇸 150.136.214.177

🇧🇷 136.248.121.226

🇮🇳 122.187.230.82

🇷🇴 92.118.39.212

🇺🇸 66.132.172.98

🇳🇱 45.148.10.157

🇬🇧 35.203.210.202

🇺🇸 34.228.104.231

🇮🇳 2406:da1a:daa:f400:2501:d2c9:8d08:a3b6

🇨🇳 220.167.232.190

🇨🇳 220.167.232.171