JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.133.5.111

45.133.5.111 was found in our database!

This IP was reported 180 times. Confidence of Abuse is 47%: ?

47%

ISP	VPN Consumer Sydney, Australia
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	vpnconsumer.com
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.133.5.111

Whois 45.133.5.111

IP Abuse Reports for 45.133.5.111:

This IP address has been reported a total of 180 times from 79 distinct sources. 45.133.5.111 was first reported on June 19th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-15 05:21:36 (1 day ago)	Multiple WAF Violations	Web App Attack
🇳🇱 Site.eu	2026-06-15 01:50:17 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 18:46:30 (2 days ago)	(mod_security) mod_security (id:240000) triggered by 45.133.5.111 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 45.133.5.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 14:46:22.628079 2026] [security2:error] [pid 23501:tid 23501] [client 45.133.5.111:62105] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|niftythrifty.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "niftythrifty.net"] [uri "/images/stories/themes.php"] [unique_id "ai72_rHa9pc_1vuCMX8qdgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-07 16:42:58 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 Octopuce	2026-06-07 16:07:43 (1 week ago)	Aggressive web search of vulnerable pages: /images/firewall.php7 /wp-includes/images/crystal/lrs_dag ... show more Aggressive web search of vulnerable pages: /images/firewall.php7 /wp-includes/images/crystal/lrs_dage.php /wp-content/upgrade/pdf.php /wp-inclu ... show less	Web App Attack
🇺🇸 mw	2026-06-05 00:01:26 (1 week ago)	GET /blog/wp-admin/about.php HTTP/1.1	Web App Attack
🇧🇪 cmbplf	2026-05-06 01:42:31 (1 month ago)	144 requests with url.path *config.php	Brute-Force Bad Web Bot
🇳🇱 Site.eu	2026-05-06 01:37:47 (1 month ago)	Excessive 404/403 errors	Brute-Force
🇩🇪 paissangroup	2026-05-05 21:20:04 (1 month ago)	Multiple WAF Violations	Web App Attack
🇬🇧 andypiper	2026-05-05 00:02:36 (1 month ago)	CrowdSec ban for crowdsecurity/netgear-router-bruteforce	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-24 02:28:14 (1 month ago)	(mod_security) mod_security (id:240000) triggered by 45.133.5.111 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 45.133.5.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 22:28:09.702491 2026] [security2:error] [pid 18058:tid 18058] [client 45.133.5.111:44427] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|tristarus.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "tristarus.com"] [uri "/images/stories/themes.php"] [unique_id "aerVOZspzt81ZEYetpweqgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 poundawebsiteltd	2026-04-23 14:53:26 (1 month ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 45.133.5.111 - - [23/Apr/2026:15:53:25 + ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 45.133.5.111 - - [23/Apr/2026:15:53:25 +0100] GET /wp-admin/media-new.php HTTP/1.1 301 519 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36 show less	Web App Attack
Anonymous	2026-04-23 10:59:41 (1 month ago)	[redacted] 45.133.5.111 - - [23/Apr/2026:12:59:34 +0200] "GET /admin/function.php HTTP/1.1" 404 196 ... show more [redacted] 45.133.5.111 - - [23/Apr/2026:12:59:34 +0200] "GET /admin/function.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" [redacted] 45.133.5.111 - - [23/Apr/2026:12:59:34 +0200] "GET /wp-includes/js/crop/admin.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" [redacted] 45.133.5.111 - - [23/Apr/2026:12:59:35 +0200] "GET /wp-includes/PHPMailer/admin.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" [redacted] 45.133.5.111 - - [23/Apr/2026:12:59:37 +0200] "GET /.well-known/pki-validation/admin.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" [redacted] 45.133.5.111 - - [23/Apr/2026:12:59:37 +0200] "GET /wp-includes/IXR/admin.php HTTP/1.1" 404 19 ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-23 07:36:41 (1 month ago)	(mod_security) mod_security (id:240000) triggered by 45.133.5.111 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240000) triggered by 45.133.5.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 03:36:32.763362 2026] [security2:error] [pid 13539:tid 13539] [client 45.133.5.111:49095] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|theprideproject.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "theprideproject.net"] [uri "/images/stories/themes.php"] [unique_id "aenMAB59jv61T38JTi_AbAAAADo"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-04-21 08:35:49 (1 month ago)	Excessive multi-domain requests	Brute-Force

Showing 1 to 15 of 180 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.226.197.47

🇺🇸 170.254.178.254

🇺🇸 170.254.178.247

🇺🇸 170.254.178.219

🇺🇸 170.254.178.210

🇧🇷 138.122.83.181

🇨🇳 39.154.3.154

🇨🇳 14.116.172.24

🇺🇸 209.50.165.23

🇧🇷 205.210.31.146

🇨🇴 200.189.27.74

🇺🇸 170.254.178.204

🇺🇸 170.254.178.174

🇺🇸 170.254.178.157

🇺🇸 170.254.178.139

🇺🇸 162.216.149.207

🇺🇸 152.32.235.227

🇮🇩 103.189.119.234

🇬🇧 81.19.219.240

🇺🇸 43.159.143.139