JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.154.138.7

45.154.138.7 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 31%: ?

31%

ISP	VPN Consumer Marseille, France
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇫🇷 France
City	Marseille, Provence-Alpes-Cote d'Azur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.154.138.7

Whois 45.154.138.7

IP Abuse Reports for 45.154.138.7:

This IP address has been reported a total of 139 times from 73 distinct sources. 45.154.138.7 was first reported on May 11th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Octopuce	2026-06-10 12:01:48 (1 week ago)	Aggressive web search of vulnerable pages: /themes/zMousse/otuz1.php /wp-content/edit-wolf.php /wp-c ... show more Aggressive web search of vulnerable pages: /themes/zMousse/otuz1.php /wp-content/edit-wolf.php /wp-content/plugins/ubh/up.php /wp-admin/images/ ... show less	Web App Attack
🇷🇺 sms.ru	2026-06-07 14:11:29 (1 week ago)	/wp-admin/css/colors/sunrise/colors_95.php	Web App Attack
🇩🇪 Ba-Yu	2026-06-05 05:19:03 (1 week ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇬🇧 consul.to	2026-06-05 05:10:32 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 LRob.fr	2026-04-30 00:15:14 (1 month ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-04-29 22:48:15 (1 month ago)	45.154.138.7 - - [30/Apr/2026:01:48:09 +0300] "GET /wp-includes/Text/about.php HTTP/1.1" 404 708 "-" ... show more 45.154.138.7 - - [30/Apr/2026:01:48:09 +0300] "GET /wp-includes/Text/about.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" 45.154.138.7 - - [30/Apr/2026:01:48:12 +0300] "GET /wp-includes/IXR/index.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 16:03:24 (1 month ago)	(mod_security) mod_security (id:234930) triggered by 45.154.138.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:234930) triggered by 45.154.138.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 12:03:19.309751 2026] [security2:error] [pid 10551:tid 10551] [client 45.154.138.7:37059] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6787"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|www.bmbb1.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.bmbb1.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "afIrx1RQtg0KDHRF-UxYLgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 01:03:33 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 21:03:26.061046 2026] [security2:error] [pid 3701:tid 3701] [client 45.154.138.7:21813] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|saintlouiscentral.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "saintlouiscentral.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQp3q0TtSJaKG74nbuzYgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 00:29:52 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 20:29:43.972285 2026] [security2:error] [pid 1247145:tid 1247145] [client 45.154.138.7:47105] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|canadianwildlifemuseum.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "canadianwildlifemuseum.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQh99cQVA7jKG0ctlbadAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 00:05:00 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 45.154.138.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 45.154.138.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 20:04:54.948046 2026] [security2:error] [pid 3797642:tid 3797642] [client 45.154.138.7:34185] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kellermoving.com\|F\|2"] [data ".xsd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kellermoving.com"] [uri "/vendor/phpunit/phpunit/phpunit.xsd"] [unique_id "aeQcJpSYJe8BW5lYSuft3wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Sylvyon	2026-04-16 00:29:30 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from FR. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from FR. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /vendor/phpunit/phpunit/phpunit.xsd \| UA: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 consul.to	2026-04-08 10:08:07 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 xmission.com	2026-03-24 23:56:31 (2 months ago)	45.154.138.7 - - [24/Mar/2026:17:56:31 -0600] "POST /wp-login.php HTTP/1.1" 200 6929 "-" "Mozilla/5. ... show more 45.154.138.7 - - [24/Mar/2026:17:56:31 -0600] "POST /wp-login.php HTTP/1.1" 200 6929 "-" "Mozilla/5.0" ... show less	Brute-Force
🇺🇸 gamabe	2026-03-24 21:00:15 (2 months ago)	Detected crowdsecurity/http-wordpress-scan attack pattern. Reported by CrowdSec IDS.	Web App Attack
🇺🇦 URAN Publishing Service	2026-03-18 05:42:20 (2 months ago)	45.154.138.7 - - [18/Mar/2026:07:42:19 +0200] "GET /wp-includes/Requests/ HTTP/1.1" 404 274 "-" "Moz ... show more 45.154.138.7 - - [18/Mar/2026:07:42:19 +0200] "GET /wp-includes/Requests/ HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" 45.154.138.7 - - [18/Mar/2026:07:42:19 +0200] "GET /wp-includes/blocks/ HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" ... show less	Web App Attack

Showing 1 to 15 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.191.37.132

🇦🇺 134.199.164.42

🇲🇽 187.190.35.163

🇺🇸 170.246.53.210

🇺🇸 162.216.149.157

🇧🇩 103.157.247.231

🇨🇿 92.62.233.214

🇪🇸 90.162.116.66

🇺🇸 70.89.116.5

🇳🇱 45.148.10.152

🇺🇸 185.191.171.19

🇺🇸 147.185.132.64

🇧🇩 103.171.69.92

🇺🇸 74.128.181.172

🇺🇸 65.49.1.51

🇧🇷 45.205.1.5

🇯🇵 218.42.61.150

🇳🇱 193.176.31.205

🇺🇸 192.252.215.125

🇻🇪 190.89.31.146