JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.32.120.148

194.32.120.148 was found in our database!

This IP was reported 76 times. Confidence of Abuse is 30%: ?

30%

ISP	VPN Consumer London, United Kingdom
Usage Type	Data Center/Web Hosting/Transit
ASN	AS42831
Domain Name	vpnconsumer.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.32.120.148

Whois 194.32.120.148

IP Abuse Reports for 194.32.120.148:

This IP address has been reported a total of 76 times from 42 distinct sources. 194.32.120.148 was first reported on June 30th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-18 19:59:46 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 raph	2026-06-18 13:04:04 (1 week ago)	[Wordpress] crawler /wp-admin/, /wp-content/, etc.	Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-18 12:09:35 (1 week ago)	194.32.120.148 - - [18/Jun/2026:15:09:34 +0300] "GET /wp-content/themes/neve/assets/apps/dashboard/b ... show more 194.32.120.148 - - [18/Jun/2026:15:09:34 +0300] "GET /wp-content/themes/neve/assets/apps/dashboard/build/index.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" 194.32.120.148 - - [18/Jun/2026:15:09:35 +0300] "GET /wp-content/themes/theme-check/main.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇫🇷 SpaceHost-Server	2026-06-09 22:27:41 (2 weeks ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-08 22:27:33 (2 weeks ago)		Brute-Force Web App Attack
🇯🇵 demonsword	2026-06-05 10:06:39 (2 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.cyberghostvpn.com:443 show less	Open Proxy Port Scan
🇺🇸 fortypoundhead	2026-04-10 07:02:59 (2 months ago)	Banned IP Address	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 12:14:33 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 194.32.120.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 194.32.120.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 07:14:30.558427 2026] [security2:error] [pid 9617:tid 9638] [client 194.32.120.148:60939] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.fishrapper.com\|F\|2"] [data ".com.sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fishrapper.com"] [uri "/here-fishy.com.sql"] [unique_id "aZxEps6v0RPeQVfgdgKuYAAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-18 17:20:45 (4 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇩🇪 filstal.org	2026-02-18 03:03:36 (4 months ago)	CrowdSec-Report: crowdsecurity/http-backdoors-attempts	Hacking Web App Attack
🇨🇭 Origon	2026-02-13 19:09:14 (4 months ago)	http-wordpress-scan - IP: 194.32.120.148 - time="2026-02-13T20:09:14+01:00" level=info msg="(555f66 ... show more http-wordpress-scan - IP: 194.32.120.148 - time="2026-02-13T20:09:14+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-wordpress-scan by ip 194.32.120.148 (GB/42831) : 4h ban on Ip 194.32.120.148" module=db show less	Web App Attack
🇩🇪 ghostwarriors	2026-02-13 18:20:19 (4 months ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Mr-Money	2026-02-13 14:12:01 (4 months ago)	scenario: crowdsecurity/http-wordpress-scan - events: 4	Hacking Web App Attack
🇺🇸 myagent.site	2026-02-13 11:27:24 (4 months ago)	Blocking for trying to access an exploit file: //login.php	Hacking
🇺🇦 URAN Publishing Service	2026-02-13 10:17:54 (4 months ago)	194.32.120.148 - - [13/Feb/2026:12:17:53 +0200] "GET //wp-content/plugins/phpadmin/autoload_classmap ... show more 194.32.120.148 - - [13/Feb/2026:12:17:53 +0200] "GET //wp-content/plugins/phpadmin/autoload_classmap.php HTTP/1.1" 404 271 "-" "Go-http-client/1.1" 194.32.120.148 - - [13/Feb/2026:12:17:53 +0200] "GET //wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 271 "-" "Go-http-client/1.1" ... show less	Web App Attack

Showing 1 to 15 of 76 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 200.10.46.167

🇧🇷 179.191.222.210

🇺🇸 2602:f6f6:2:2634::1

🇺🇸 200.10.46.147

🇧🇪 198.235.24.181

🇩🇪 142.251.14.138

🇮🇳 139.59.4.137

🇰🇷 118.37.214.187

🇨🇳 112.46.213.195

🇲🇾 47.250.135.69

🇭🇰 36.255.220.145

🇧🇪 35.233.49.37

🇺🇸 2604:a940:300:5b6:0:13::

🇬🇧 195.96.139.11

🇺🇸 193.34.74.229

🇺🇸 193.34.74.142

🇺🇸 193.34.74.96

🇺🇸 193.34.74.4

🇬🇧 188.240.59.51

🇸🇬 167.172.95.38