JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.142.182.139

45.142.182.139 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 0%: ?

ISP	XSServer GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS44592
Hostname(s)	static-139-182-142-45.customer.xsserver.gmbh
Domain Name	xsserver.gmbh
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.142.182.139

Whois 45.142.182.139

IP Abuse Reports for 45.142.182.139:

This IP address has been reported a total of 46 times from 24 distinct sources. 45.142.182.139 was first reported on December 25th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-03-19 09:45:25 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer. ... show more (mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer.xsserver.gmbh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:45:18.685156 2026] [security2:error] [pid 6085:tid 6085] [client 45.142.182.139:33610] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|fortwaynepartybuses.com\|F\|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fortwaynepartybuses.com"] [uri "/httpdocs.bak"] [unique_id "abvFrnxaLyqCZ8EEqUD2ggAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tecnoacquisti.com	2026-03-17 07:24:16 (3 months ago)	PrestaShop Security Module: Calls WordPress paths probing known vulnerabilities	Web App Attack
Anonymous	2026-03-16 06:30:19 (3 months ago)	45.142.182.139 - - [16/Mar/2026:07:26:37 +0100] "GET /atd.ahk.nl%20(1).tar.gz HTTP/1.1" 404 17284 "h ... show more 45.142.182.139 - - [16/Mar/2026:07:26:37 +0100] "GET /atd.ahk.nl%20(1).tar.gz HTTP/1.1" 404 17284 "https://atd.ahk.nl/atd.ahk.nl%20%281%29.tar.gz" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.201 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 45.142.182.139 - - [16/Mar/2026:07:26:38 +0100] "GET /123.bz HTTP/1.1" 404 17291 "https://atd.ahk.nl/123.bz" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.201 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 45.142.182.139 - - [16/Mar/2026:07:26:41 +0100] "GET /bak.tar HTTP/1.1" 404 17290 "https://atd.ahk.nl/bak.tar" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.201 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 45.142.182.139 - - [16/M ... show less	DDoS Attack
🇺🇸 TPI-Abuse	2026-03-13 20:32:56 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.142.182.139 (static-139-182-142-45.customer. ... show more (mod_security) mod_security (id:210492) triggered by 45.142.182.139 (static-139-182-142-45.customer.xsserver.gmbh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 16:32:48.367822 2026] [security2:error] [pid 12378:tid 12378] [client 45.142.182.139:38866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sanesoftware.com"] [uri "/.env"] [unique_id "abR0cMAKbtY-Zquxu9QwYQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-13 19:52:13 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer. ... show more (mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer.xsserver.gmbh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 15:52:06.669141 2026] [security2:error] [pid 29493:tid 29493] [client 45.142.182.139:50960] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bestprostate.com\|F\|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bestprostate.com"] [uri "/2024.bak"] [unique_id "abRq5sME9gXPSHv_tDLFLgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-13 07:07:08 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer. ... show more (mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer.xsserver.gmbh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 03:07:01.461165 2026] [security2:error] [pid 3236:tid 3236] [client 45.142.182.139:40126] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|chrisbilder.com\|F\|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "chrisbilder.com"] [uri "/cgi-bin.bak"] [unique_id "abO3lU-V80F8WCtAzAo_zAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-11 13:03:13 (3 months ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-10 20:04:59 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer. ... show more (mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer.xsserver.gmbh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 10 16:04:53.990232 2026] [security2:error] [pid 17067:tid 17067] [client 45.142.182.139:52444] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mobiletitleclerk.com\|F\|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mobiletitleclerk.com"] [uri "/2025.bak"] [unique_id "abB5ZWKCGl9wRoJAd8iHpwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mschimpf	2026-03-10 16:28:00 (3 months ago)		Web App Attack
Anonymous	2026-03-10 13:03:09 (3 months ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NL, Attack patterns: WordPress scanning, Backup file probing show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-09 10:59:13 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer. ... show more (mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer.xsserver.gmbh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 06:59:07.104289 2026] [security2:error] [pid 18632:tid 18632] [client 45.142.182.139:59756] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|petercoadandthecoadsisters.com\|F\|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "petercoadandthecoadsisters.com"] [uri "/a.bak"] [unique_id "aa6n-8Fg10-AC_TBPqAh_AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-08 21:19:28 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 45.142.182.139 (static-139-182-142-45.customer. ... show more (mod_security) mod_security (id:210492) triggered by 45.142.182.139 (static-139-182-142-45.customer.xsserver.gmbh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 17:19:20.812009 2026] [security2:error] [pid 24931:tid 24931] [client 45.142.182.139:35500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bnaiisraelkearny.com"] [uri "/.env"] [unique_id "aa3n2KfB4KhBmuh9HAmrXwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-08 20:32:51 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer. ... show more (mod_security) mod_security (id:210730) triggered by 45.142.182.139 (static-139-182-142-45.customer.xsserver.gmbh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 16:32:43.006293 2026] [security2:error] [pid 25926:tid 25926] [client 45.142.182.139:49674] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mcarrollcommunications.com\|F\|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mcarrollcommunications.com"] [uri "/2024.bak"] [unique_id "aa3c6lsX4MTKqtk-MglfpgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-03-07 08:09:01 (3 months ago)	common Web Exploits being scanned	Web App Attack
🇦🇹 penguin-solutions.at	2026-03-07 02:49:48 (3 months ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.249.224.235

🇨🇳 101.35.248.174

🇲🇽 187.188.220.70

🇸🇪 185.246.128.170

🇩🇪 148.153.166.219

🇨🇳 120.237.131.219

🇩🇪 2001:41d0:701:1100::abb3

🇸🇬 116.89.50.183

🇮🇳 103.19.136.6

🇫🇷 85.217.140.8

🇧🇬 79.124.60.146

🇱🇹 45.227.254.170

🇨🇳 42.121.161.198

🇺🇸 40.76.139.157

🇺🇸 23.92.27.206

🇮🇳 2405:201:3011:50fc:1956:2970:8216:4076

🇧🇷 192.141.107.7

🇺🇸 184.105.247.215

🇷🇺 178.178.194.192

🇸🇪 80.78.28.84