JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.77.149.21

45.77.149.21 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 90%: ?

90%

ISP	Vultr Holdings, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20473
Hostname(s)	45.77.149.21.vultrusercontent.com
Domain Name	vultr.com
Country	🇺🇸 United States of America
City	Piscataway, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.77.149.21

Whois 45.77.149.21

IP Abuse Reports for 45.77.149.21:

This IP address has been reported a total of 19 times from 18 distinct sources. 45.77.149.21 was first reported on June 12th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Lino Project	2026-06-13 00:36:16 (4 days ago)	45.77.149.21 - - [13/Jun/2026:02:36:13 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 1389 ... show more 45.77.149.21 - - [13/Jun/2026:02:36:13 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 138936 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Progetto1	2026-06-13 00:20:03 (4 days ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇦🇺 MAGIC	2026-06-13 00:07:01 (4 days ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇧🇪 cmbplf	2026-06-13 00:02:33 (4 days ago)	4.863 requests to many distinct domains in 1 hour (2w2d21h)	Brute-Force Bad Web Bot
🇩🇪 LRob.fr	2026-06-13 00:01:25 (4 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 etu brutus	2026-06-12 23:25:30 (4 days ago)	45.77.149.21 has been banned for [WebApp Attack] ...	Hacking Bad Web Bot Web App Attack
🇬🇷 setupgr	2026-06-12 23:22:01 (4 days ago)	(mod_security) mod_security (id:11000011) triggered by 45.77.149.21: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:11000011) triggered by 45.77.149.21: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sat Jun 13 02:21:58.983753 2026] [security2:error] [pid 351324:tid 351522] [client 45.77.149.21:65505] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "vultrusercontent.com" at REMOTE_HOST. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "128"] [id "11000011"] [msg "BLOCKED BAD DOMAIN: 45.77.149.21.vultrusercontent.com"] [hostname "pose.gr"] [uri "/wp-content/plugins/fix/up.php"] [unique_id "aiyUlq6PDvwc_i5kBP5fIgAAANU"] show less	Port Scan
Anonymous	2026-06-12 23:14:41 (4 days ago)	45.77.149.21 - - [13/Jun/2026:01:14:40 +0200] "GET //wp-content/plugins/fix/ HTTP/1.1" 301 169 "-" " ... show more 45.77.149.21 - - [13/Jun/2026:01:14:40 +0200] "GET //wp-content/plugins/fix/ HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" show less	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-12 23:08:01 (4 days ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2026-06-12 23:02:29 (4 days ago)	Looking for WP exploit 45.77.149.21 - - [13/Jun/2026:01:02:27 +0200] "GET //wp-content/plugins/fix/u ... show more Looking for WP exploit 45.77.149.21 - - [13/Jun/2026:01:02:27 +0200] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" show less	Web App Attack
🇫🇮 YF	2026-06-12 23:00:57 (4 days ago)	WordPress content enumeration	Web App Attack
🇩🇪 london2038.com	2026-06-12 22:56:00 (4 days ago)	Probing for exploits 45.77.149.21 - - [13/Jun/2026:00:55:56 +0200] "GET //wp-content/plugins/fix/up. ... show more Probing for exploits 45.77.149.21 - - [13/Jun/2026:00:55:56 +0200] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" 45.77.149.21 - - [13/Jun/2026:00:55:56 +0200] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" show less	Hacking Web App Attack
🇷🇺 Deynekin.com	2026-06-12 22:27:32 (4 days ago)	This IP address has been identified as part of a botnet infrastructure used by threat actors, indica ... show more This IP address has been identified as part of a botnet infrastructure used by threat actors, indicating automated and malicious activity. show less	Fraud Orders Web App Attack SSH Web Spam FTP Brute-Force Phishing Email Spam Port Scan Brute-Force Exploited Host Hacking SQL Injection
🇺🇸 RLDD	2026-06-12 22:19:28 (4 days ago)	WP probing for vulnerabilities -lev	Web App Attack
🇫🇷 pm33	2026-06-12 22:19:06 (4 days ago)	Excessive crawling HTTP 404	Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2404:6800:4013:800::122

🇮🇳 64.227.137.12

🇵🇪 200.107.163.195

🇩🇴 186.120.151.214

🇮🇹 185.15.171.132

🇰🇷 183.96.62.29

🇧🇼 168.167.228.74

🇳🇱 157.245.77.56

🇧🇷 152.32.200.213

🇺🇸 144.24.3.6

🇨🇳 119.96.158.87

🇳🇬 102.90.98.113

🇬🇧 81.110.134.167

🇳🇱 45.142.193.53

🇹🇿 41.59.200.166

🇨🇳 223.84.209.188

🇺🇸 185.180.141.8

🇨🇳 180.109.16.4

🇷🇺 178.177.40.29

🇺🇸 178.130.47.57