JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.147.9.27

45.147.9.27 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 27%: ?

27%

ISP	Atlas Network Holdings LLC
Usage Type	Fixed Line ISP
ASN	AS213954
Domain Name	atlasnetworkholdings.online
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.147.9.27

Whois 45.147.9.27

IP Abuse Reports for 45.147.9.27:

This IP address has been reported a total of 8 times from 5 distinct sources. 45.147.9.27 was first reported on April 15th 2026, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 ipblock.com	2026-06-05 19:31:00 (12 hours ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 14:01:22 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.147.9.27 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.147.9.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 10:01:13.890651 2026] [security2:error] [pid 20111:tid 20111] [client 45.147.9.27:14933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barecreationsaz.com"] [uri "/wp-config.php.save"] [unique_id "ahBhqaisauF86Ux80rbvnwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 18:50:53 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.147.9.27 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.147.9.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 14:50:49.515238 2026] [security2:error] [pid 6169:tid 6169] [client 45.147.9.27:17979] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raintechgutters.com"] [uri "/wp-config.php~"] [unique_id "ag4CichfwFOXkJhkXzNEFwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 16:41:12 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.147.9.27 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.147.9.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:41:04.476014 2026] [security2:error] [pid 26694:tid 26704] [client 45.147.9.27:57867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tsengkwongchi.com"] [uri "/wp-config.bak"] [unique_id "ag3kID6I9K63VkkSTgj_EgAAAMc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 16:07:56 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.147.9.27 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.147.9.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:07:48.921181 2026] [security2:error] [pid 6362:tid 6362] [client 45.147.9.27:12095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulsingdahlsen.com"] [uri "/wp-config.php.orig"] [unique_id "ag3cVIfagjH_KQWEQ_83cAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-17 04:34:05 (2 weeks ago)	URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .b ... show more URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .back/ .backup/ .bak/ .bck/ .bk/ .bkp/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .cnf/ .com/ .compositefont/ .config/ .conf/ .copy/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jks/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .sav/ .save/ .scr/ .sct/ .sh/ .shs/ .sql/ .sqlite/ .sqlite3/ .swap/ .swo/ .swp/ .sys/ .temp/ .tfstate/ .tlb/ .tmp/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-201) show less	Hacking
🇫🇷 tilellit.pro	2026-05-14 04:11:11 (3 weeks ago)	Fail2Ban banned 45.147.9.27 for security violations in jail wp-armour. Log: 2026/05/14 04:11:11 [err ... show more Fail2Ban banned 45.147.9.27 for security violations in jail wp-armour. Log: 2026/05/14 04:11:11 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 45.147.9.27 \| Target: wplogin" , client: 45.147.9.27, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇩🇪 ardexter	2026-04-15 16:56:34 (1 month ago)	Wordpress attack and DDOS	DDoS Attack Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 134.209.120.216

🇨🇳 117.72.52.87

🇺🇸 104.237.132.63

🇵🇰 103.72.1.140

🇺🇸 209.141.41.212

🇩🇪 46.224.234.158

🇨🇳 220.176.33.24

🇧🇷 187.16.70.194

🇩🇪 87.106.152.203

🇺🇸 64.95.9.223

🇺🇸 45.33.84.124

🇬🇭 41.139.28.42

🇺🇸 40.124.174.187

🇨🇳 39.97.53.147

🇺🇸 162.216.149.185

🇸🇪 162.158.183.106

🇨🇳 120.48.13.223

🇨🇳 115.190.241.179

🇨🇳 101.33.247.61

🇺🇸 2607:f8b0:400e:c05::12d