JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.154.138.31

45.154.138.31 was found in our database!

This IP was reported 125 times. Confidence of Abuse is 45%: ?

45%

ISP	VPN Consumer Marseille, France
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇫🇷 France
City	Marseille, Provence-Alpes-Cote d'Azur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.154.138.31

Whois 45.154.138.31

IP Abuse Reports for 45.154.138.31:

This IP address has been reported a total of 125 times from 58 distinct sources. 45.154.138.31 was first reported on January 31st 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 sms.ru	2026-06-07 14:11:17 (2 days ago)	/wp-admin/css/autoload_classmap.php	Web App Attack
🇬🇧 consul.to	2026-06-07 04:45:23 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 Octopuce	2026-06-07 03:49:53 (2 days ago)	Aggressive web search of vulnerable pages: /wp-includes/db.php /wp-includes/class-wp-dependency-floa ... show more Aggressive web search of vulnerable pages: /wp-includes/db.php /wp-includes/class-wp-dependency-float.php /wp-includes/PHPMailer/index.php /wp- ... show less	Web App Attack
Anonymous	2026-06-05 07:04:59 (4 days ago)	Aggressive web scan	Web App Attack
🇩🇪 Ba-Yu	2026-06-05 05:04:31 (4 days ago)	WordPress hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇬🇧 consul.to	2026-06-05 03:09:09 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 masterguru	2026-06-04 18:42:04 (4 days ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-201)	Hacking
🇺🇦 URAN Publishing Service	2026-04-29 22:51:06 (1 month ago)	45.154.138.31 - - [30/Apr/2026:01:51:04 +0300] "GET /wp-content/plugins/shortcodes-ultimate/admin.ph ... show more 45.154.138.31 - - [30/Apr/2026:01:51:04 +0300] "GET /wp-content/plugins/shortcodes-ultimate/admin.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" 45.154.138.31 - - [30/Apr/2026:01:51:05 +0300] "GET /wp-content/plugins/wordpress-seo/inc/WPSEO.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 06:34:08 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 02:34:01.390588 2026] [security2:error] [pid 2441658:tid 2441658] [client 45.154.138.31:21155] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.taekwondoit.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.taekwondoit.com"] [uri "/about-us/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeR3WUeWbPuHS1jXpexFKwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 00:58:12 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 20:58:06.994661 2026] [security2:error] [pid 26646:tid 26646] [client 45.154.138.31:34071] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|clickableprize.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "clickableprize.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQonkUHpEZSC3t46ba1mgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 00:39:16 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 20:39:13.191888 2026] [security2:error] [pid 1250125:tid 1250125] [client 45.154.138.31:41399] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|haroparquet.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "haroparquet.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQkMfwiUySdImLg49YOsAAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 00:16:46 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 20:16:38.805736 2026] [security2:error] [pid 316822:tid 316822] [client 45.154.138.31:45089] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|digifonics.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "digifonics.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQe5koM4GxpiK6kRK3mkgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 23:13:37 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 19:13:29.268182 2026] [security2:error] [pid 2768768:tid 2768768] [client 45.154.138.31:48351] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|1954topresent.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "1954topresent.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQQGRClyjHEPZvkEB6YHQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 12:44:50 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 17 08:44:44.428949 2026] [security2:error] [pid 1476153:tid 1476202] [client 45.154.138.31:31037] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|usu.net\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "usu.net"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeIrPFlao-J7B8bsxnoG1QAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 02:16:29 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.31 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 22:16:23.922222 2026] [security2:error] [pid 4029499:tid 4029499] [client 45.154.138.31:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ndanetworks.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ndanetworks.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeGX95-YlbFrqQ32oVi4GgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 125 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 185.242.3.173

🇺🇸 184.154.157.176

🇨🇳 110.177.180.148

🇬🇧 35.203.211.40

🇦🇺 223.27.18.80

🇪🇹 196.188.116.56

🇫🇷 194.5.183.49

🇺🇦 194.0.157.214

🇩🇪 167.94.145.30

🇸🇬 161.118.224.41

🇺🇸 136.118.184.141

🇯🇵 103.125.146.70

🇬🇧 81.19.219.244

🇺🇸 47.254.69.53

🇫🇮 46.62.211.8

🇳🇱 45.148.10.151

🇮🇩 41.216.177.55

🇵🇰 39.48.197.249

🇭🇰 38.207.133.27

🇸🇦 31.166.198.110