AbuseIPDB » 45.8.17.92

45.8.17.92 was found in our database!

This IP was reported 72 times. Confidence of Abuse is 60%: ?

60%

ISP	TnR Technologies B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	tnrtechnologies.nl
Country	Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 45.8.17.92

Whois 45.8.17.92

IP Abuse Reports for 45.8.17.92:

This IP address has been reported a total of 72 times from 44 distinct sources. 45.8.17.92 was first reported on May 10th 2021, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
TPI-Abuse	2025-03-13 15:51:07 (6 days ago)	(mod_security) mod_security (id:210730) triggered by 45.8.17.92 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.8.17.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 13 11:51:03.063168 2025] [security2:error] [pid 32275:tid 32275] [client 45.8.17.92:13047] [client 45.8.17.92] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||symbarenewables.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "symbarenewables.com"] [uri "/backups/dump.sql"] [unique_id "Z9L-5yTfphVFBecLE5pkAgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
dynamix	2025-03-12 14:20:16 (1 week ago)	Multiple WAF Violations	Web App Attack
tecnicorioja	2025-03-11 23:01:41 (1 week ago)	(Mod_security) [11/Mar/2025:11:35:23.153993	Brute-Force Bad Web Bot Web App Attack
lindi	2025-03-10 03:54:56 (1 week ago)	Probing for resource vulnerabilities ...	Web Spam Brute-Force Bad Web Bot Exploited Host Web App Attack
8legz.net	2025-03-08 23:19:34 (1 week ago)	[Sun Mar 09 00:18:48.271792 2025] [php:error] [pid 273739] [client 45.8.17.92:46085] script '/v ... show more[Sun Mar 09 00:18:48.271792 2025] [php:error] [pid 273739] [client 45.8.17.92:46085] script '/var/www/html/_info.php' not found or unable to stat [Sun Mar 09 00:18:57.710028 2025] [php:error] [pid 273715] [client 45.8.17.92:11153] script '/var/www/html/00_server_info.php' not found or unable to stat [Sun Mar 09 00:19:33.962841 2025] [php:error] [pid 273714] [client 45.8.17.92:24745] script '/var/www/html/_info.php' not found or unable to stat ... show less	Brute-Force
arirabinowitz.com	2025-03-07 15:37:00 (1 week ago)	45.8.17.92 - - [06/Mar/2025:18:47:19 -0500] "GET / HTTP/1.1" 200 33773 "-" "Mozilla/5.0 (Windows NT ... show more45.8.17.92 - - [06/Mar/2025:18:47:19 -0500] "GET / HTTP/1.1" 200 33773 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0" 45.8.17.92 - - [06/Mar/2025:18:47:34 -0500] "POST /.env HTTP/1.1" 404 29795 "-" "Mozilla/5.0 (Windows NT 10.0; rv:105.0) Gecko/20100101 Firefox/105.0" 45.8.17.92 - - [06/Mar/2025:18:49:43 -0500] "GET /docker/.env HTTP/1.1" 404 29795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0" 45.8.17.92 - - [06/Mar/2025:18:50:19 -0500] "POST /enviroments/.env.production HTTP/1.1" 404 29795 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0" show less	Hacking Web App Attack
ipblock.com	2025-03-05 04:03:00 (2 weeks ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
TrafficAnalyser	2025-03-05 03:42:45 (2 weeks ago)	Probing "GET /.info.php HTTP/1.1"	Web App Attack
ShieldNet Security	2025-03-05 00:02:02 (2 weeks ago)	Web server abuse detected from IP 45.8.17.92: 45.8.17.92 - - [05/Mar/2025:00:02:00 +0000] "POST /.en ... show moreWeb server abuse detected from IP 45.8.17.92: 45.8.17.92 - - [05/Mar/2025:00:02:00 +0000] "POST /.env.prod HTTP/1.1" 405 559 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" "-" on 1741132920. show less	Hacking Brute-Force Bad Web Bot Web App Attack
Mr-Money	2025-03-04 23:33:17 (2 weeks ago)	45.8.17.92 - - [05/Mar/2025:00:33:16 +0100] "POST /.env.production HTTP/1.1" 404 461 "-" "Mozilla/5. ... show more45.8.17.92 - - [05/Mar/2025:00:33:16 +0100] "POST /.env.production HTTP/1.1" 404 461 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36" ... show less	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
Penny Packer	2025-02-24 12:02:32 (3 weeks ago)	Fail2Ban apache-tripwires	Web App Attack
Valhalla	2025-02-19 15:32:21 (1 month ago)	/back/website.tar.gz	Hacking Web App Attack
octageeks.com	2025-02-19 05:06:50 (1 month ago)	Wordpress malicious attack:[octablocked]	Web App Attack
TPI-Abuse	2025-02-08 18:41:17 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.8.17.92 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.8.17.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 08 13:41:12.597459 2025] [security2:error] [pid 23638:tid 23638] [client 45.8.17.92:9997] [client 45.8.17.92] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcoinsquaretrader.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinsquaretrader.com"] [uri "/backups/www.sql"] [unique_id "Z6elSI8gZfetSqTvIFTd0wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
TPI-Abuse	2025-02-01 13:11:51 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.8.17.92 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.8.17.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 01 08:11:47.530286 2025] [security2:error] [pid 22920:tid 22920] [client 45.8.17.92:52367] [client 45.8.17.92] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||gcigmbh.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gcigmbh.com"] [uri "/old/mysql.sql"] [unique_id "Z54dk2kKOfCUgMt-9feweQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩