JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.145.108.252

195.145.108.252 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 37%: ?

37%

ISP	ODAV AG Ges. fuer Informatik u. Telekommunikation
Usage Type	Fixed Line ISP
ASN	AS3320
Hostname(s)	mail.gewerbe-treuhand.de
Domain Name	telekom.de
Country	🇩🇪 Germany
City	Straubing, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.145.108.252

Whois 195.145.108.252

IP Abuse Reports for 195.145.108.252:

This IP address has been reported a total of 57 times from 37 distinct sources. 195.145.108.252 was first reported on October 31st 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 ELYAZ	2026-06-27 16:22:50 (9 hours ago)	(wordpress) Failed wordpress login from 195.145.108.252 (DE/Germany/mail.gewerbe-treuhand.de): (CF_ ... show more (wordpress) Failed wordpress login from 195.145.108.252 (DE/Germany/mail.gewerbe-treuhand.de): (CF_ENABLE) show less	Brute-Force
🇫🇷 SpaceHost-Server	2026-06-22 22:29:19 (5 days ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-21 22:28:23 (6 days ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 18:07:23 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 14:07:19.252674 2026] [security2:error] [pid 22942:tid 22942] [client 195.145.108.252:43042] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|drgtek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "drgtek.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajgoV0NohFCvv-VrLN7_YAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 netclix.gr	2026-06-21 16:18:08 (6 days ago)	(wordpress) Failed wordpress login from 195.145.108.252 (DE/Germany/mail.gewerbe-treuhand.de): (CF_ ... show more (wordpress) Failed wordpress login from 195.145.108.252 (DE/Germany/mail.gewerbe-treuhand.de): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-21 10:14:02 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:13:56.923135 2026] [security2:error] [pid 26973:tid 26973] [client 195.145.108.252:37251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bonesband.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bonesband.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aje5ZE9wW3QgZNW8LO9wFwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 09:56:56 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 05:56:52.394302 2026] [security2:error] [pid 17443:tid 17443] [client 195.145.108.252:35338] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.realclean.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.realclean.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aje1ZFirAeLyU5lCFpsBYgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-06-14 07:20:20 (1 week ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇸🇪 vaia.cloud	2026-06-14 03:41:01 (1 week ago)	trying wp-login.php/xmlrpc.php 64 times in 1 minutes	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 23:31:46 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 19:31:41.213305 2026] [security2:error] [pid 24456:tid 24456] [client 195.145.108.252:41748] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wildlandconservancy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wildlandconservancy.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai3oXaddSMFyXi6R_NIYDAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-10 12:38:17 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 i ... show more (mod_security) mod_security (id:225170) triggered by 195.145.108.252 (mail.gewerbe-treuhand.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 08:38:11.702369 2026] [security2:error] [pid 8060:tid 8060] [client 195.145.108.252:22130] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.magacine.tv\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.magacine.tv"] [uri "/wp-json/wp/v2/users"] [unique_id "agB8M0tJac01pHriX-0VjAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-03-25 05:39:27 (3 months ago)	wp-login request blocked, no referer. Pattern match "wp-login.php" at REQUEST_URI. (88020-197)	Hacking
🇩🇪 Hazzard	2026-03-25 04:02:52 (3 months ago)	(wordpress) Failed wordpress login from 195.145.108.252 (DE/Germany/Hamburg/Hamburg/mail.gewerbe-tre ... show more (wordpress) Failed wordpress login from 195.145.108.252 (DE/Germany/Hamburg/Hamburg/mail.gewerbe-treuhand.de/[redacted]): (CF_ENABLE) show less	Brute-Force
🇦🇺 MAGIC	2026-03-25 02:15:37 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 masterguru	2026-03-17 19:48:52 (3 months ago)	wp-login request blocked, no referer. Pattern match "wp-login.php" at REQUEST_URI. (88020-197)	Hacking

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 138.97.242.21

🇺🇸 205.210.31.85

🇺🇸 195.184.76.242

🇺🇸 195.184.76.241

🇳🇱 176.65.149.236

🇺🇸 160.3.210.204

🇺🇸 153.66.19.31

🇺🇸 144.172.114.132

🇧🇷 138.97.242.207

🇨🇳 120.217.82.107

🇦🇺 115.128.154.98

🇳🇱 91.92.42.189

🇩🇪 51.89.44.65

🇺🇸 48.217.233.154

🇸🇨 45.194.67.146

🇳🇱 45.153.34.71

🇳🇱 45.148.10.157

🇺🇸 40.124.183.177

🇬🇧 35.203.211.8

🇯🇵 8.211.144.142