JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.150.111.158

45.150.111.158 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 30%: ?

30%

ISP	ALEXHOST SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200019
Domain Name	alexhost.com
Country	🇧🇬 Bulgaria
City	Sofia, Sofia-Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.150.111.158

Whois 45.150.111.158

IP Abuse Reports for 45.150.111.158:

This IP address has been reported a total of 6 times from 4 distinct sources. 45.150.111.158 was first reported on May 26th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 Progetto1	2026-06-03 07:30:04 (2 days ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 04:01:13 (2 days ago)	(mod_security) mod_security (id:210580) triggered by 45.150.111.158 (p165.com): 1 in the last 300 se ... show more (mod_security) mod_security (id:210580) triggered by 45.150.111.158 (p165.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:01:06.077285 2026] [security2:error] [pid 31716:tid 31716] [client 45.150.111.158:57386] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:log_filename. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|spaceritual.net\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:log_filename: ../../../../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "spaceritual.net"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ah-nAn9AcHDv1pKEqZN1cgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 03:21:59 (2 days ago)	(mod_security) mod_security (id:210580) triggered by 45.150.111.158 (p165.com): 1 in the last 300 se ... show more (mod_security) mod_security (id:210580) triggered by 45.150.111.158 (p165.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 23:21:53.984794 2026] [security2:error] [pid 28768:tid 28768] [client 45.150.111.158:53348] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:log_filename. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|soundtrax.net\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:log_filename: ../../../../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "soundtrax.net"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ah-d0cWwOIvp6cbE1uw8kQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 03:57:34 (3 days ago)	(mod_security) mod_security (id:210580) triggered by 45.150.111.158 (p165.com): 1 in the last 300 se ... show more (mod_security) mod_security (id:210580) triggered by 45.150.111.158 (p165.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 23:57:29.594731 2026] [security2:error] [pid 16141:tid 16141] [client 45.150.111.158:63149] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:log_filename. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|sabbathseminars.net\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:log_filename: ../../../../../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "sabbathseminars.net"] [uri "/wp-admin/admin-ajax.php"] [unique_id "ah5UqXZQAGAjsXEl3x9BKgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-02 02:34:48 (3 days ago)	[TueJun0204:34:45.1240182026][security2:error][pid3801570:tid3801923][client45.150.111.158:0]ModSecu ... show more [TueJun0204:34:45.1240182026][security2:error][pid3801570:tid3801923][client45.150.111.158:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"rd-gaming.net\"][uri\"/\"][unique_id\"ah5BRWG2KB3YjNB7Fhwk2wAAANY\"] show less	Hacking Web App Attack
🇺🇸 www.winos.me	2026-05-26 06:41:35 (1 week ago)	Automatically banned due to exceeding error status code threshold.	Brute-Force Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.127

🇺🇸 147.185.132.126

🇩🇪 130.12.181.103

🇺🇸 100.51.6.16

🇮🇷 94.101.184.145

🇳🇱 89.190.156.8

🇧🇬 78.128.113.74

🇧🇷 45.205.1.244

🇭🇰 223.197.178.95

🇬🇧 217.146.80.107

🇺🇸 216.73.160.131

🇩🇪 202.71.141.170

🇳🇱 202.71.14.42

🇺🇸 166.62.41.26

🇵🇱 95.214.53.196

🇷🇴 80.94.92.186

🇺🇸 64.94.159.250

🇺🇦 46.98.123.251

🇳🇱 45.94.31.112

🇬🇧 35.203.211.99