JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.154.138.32

45.154.138.32 was found in our database!

This IP was reported 161 times. Confidence of Abuse is 43%: ?

43%

ISP	VPN Consumer Marseille, France
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇫🇷 France
City	Marseille, Provence-Alpes-Cote d'Azur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.154.138.32

Whois 45.154.138.32

IP Abuse Reports for 45.154.138.32:

This IP address has been reported a total of 161 times from 91 distinct sources. 45.154.138.32 was first reported on May 15th 2022, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇺 sms.ru	2026-06-07 14:14:18 (14 hours ago)	/wp-admin/maint/flex.php	Web App Attack
🇫🇷 Octopuce	2026-06-07 03:51:00 (1 day ago)	Aggressive web search of vulnerable pages: /wp-content/plugins/WordPressCore/include.php /wp-content ... show more Aggressive web search of vulnerable pages: /wp-content/plugins/WordPressCore/include.php /wp-content/admin-footer.php /modules/mod_simplefileup ... show less	Web App Attack
🇬🇧 consul.to	2026-06-05 05:11:08 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇦 Mediashaker	2026-06-05 02:27:35 (3 days ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 45.154.138.32 (FR/France ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 45.154.138.32 (FR/France/-) show less	Port Scan
🇺🇸 threatintelligence_bvc	2026-05-30 07:32:54 (1 week ago)		Brute-Force
🇺🇸 mnsf	2026-05-06 22:05:50 (1 month ago)	Too many Status 40X (12)	Brute-Force Web App Attack
🇺🇸 mnsf	2026-05-05 21:05:15 (1 month ago)	Too many Status 40X (12)	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-04-30 00:15:16 (1 month ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-04-29 22:50:49 (1 month ago)	45.154.138.32 - - [30/Apr/2026:01:50:25 +0300] "GET /wp-content/plugins/wp-cache-sys/index.php HTTP/ ... show more 45.154.138.32 - - [30/Apr/2026:01:50:25 +0300] "GET /wp-content/plugins/wp-cache-sys/index.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" 45.154.138.32 - - [30/Apr/2026:01:50:49 +0300] "GET /wp-content/plugins/elementor/modules/atomic-widgets/prop-types/transform/lock.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-24 00:36:51 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 45.154.138.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 45.154.138.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 20:36:45.087229 2026] [security2:error] [pid 13366:tid 13381] [client 45.154.138.32:58851] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tradersofficepark.com"] [uri "/.env"] [unique_id "aeq7HTgUeQHSXMqVx1-bpQAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 00:56:12 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 20:56:04.913100 2026] [security2:error] [pid 24177:tid 24177] [client 45.154.138.32:54103] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|dynabandllc.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dynabandllc.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQoJP9mfE4alhj70Ort7wAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 00:37:07 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 20:37:02.314384 2026] [security2:error] [pid 1249907:tid 1249907] [client 45.154.138.32:43181] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|oligofoundry.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "oligofoundry.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQjrnd-OHs-I9lreu_7xAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 00:10:31 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 20:10:24.663421 2026] [security2:error] [pid 3794115:tid 3794115] [client 45.154.138.32:34359] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|protection4allsecurity.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "protection4allsecurity.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQdcK7RqMGXTr5O7V_h8wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇰 Mehmet_The_Script_Kiddie	2026-04-17 10:00:22 (1 month ago)	AUTOMATED REPORT: Vulnerability scan - PHPUnit vulnerabilities: /vendor/phpunit/phpunit/phpunit.xsd	Bad Web Bot Web App Attack
🇬🇧 Oakley	2026-04-08 14:18:32 (1 month ago)	(mod_security) mod_security (id:900191) triggered by 45.154.138.32 (FR/France/-): 5 in the last 900 ... show more (mod_security) mod_security (id:900191) triggered by 45.154.138.32 (FR/France/-): 5 in the last 900 secs show less	Web App Attack Hacking

Showing 1 to 15 of 161 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.182

🇭🇰 103.230.240.59

🇺🇸 98.89.204.118

🇩🇪 95.85.238.22

🇳🇱 94.154.35.215

🇫🇷 92.154.95.236

🇯🇵 47.74.20.57

🇧🇷 45.205.1.244

🇩🇪 35.246.172.40

🇬🇧 5.226.140.47

🇬🇧 5.226.140.42

🇬🇧 5.226.140.29

🇬🇧 5.226.140.9

🇩🇪 213.209.159.238

🇳🇱 192.178.118.154

🇸🇬 181.214.183.65

🇺🇸 162.216.149.175

🇩🇪 155.117.127.5

🇧🇷 129.121.54.208

🇨🇳 123.165.80.38