JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.91.20.111

45.91.20.111 was found in our database!

This IP was reported 148 times. Confidence of Abuse is 48%: ?

48%

ISP	VPN Consumer Milan, Italy
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	vpnconsumer.com
Country	🇮🇹 Italy
City	Milan, Lombardy

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.91.20.111

Whois 45.91.20.111

IP Abuse Reports for 45.91.20.111:

This IP address has been reported a total of 148 times from 55 distinct sources. 45.91.20.111 was first reported on November 28th 2022, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 SentinalX by uzumaru	2026-06-05 08:16:28 (3 days ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.cyberghostvpn.com:443 show less	Open Proxy Port Scan
🇺🇸 mnsf	2026-05-31 15:05:03 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇪🇸 masterguru	2026-05-31 12:20:13 (1 week ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot
🇦🇺 MAGIC	2026-05-29 00:11:03 (1 week ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-05-22 01:41:55 (2 weeks ago)	"GET /.git-audit-probe-2fc5801fe1375ed7/HEAD HTTP/1.1"	Hacking Web App Attack
🇧🇪 cmbplf	2026-05-21 19:47:14 (2 weeks ago)	493 requests with url.path .git/	Brute-Force Bad Web Bot
🇺🇦 URAN Publishing Service	2026-05-13 10:29:59 (3 weeks ago)	45.91.20.111 - - [13/May/2026:13:29:58 +0300] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 404 ... show more 45.91.20.111 - - [13/May/2026:13:29:58 +0300] "GET /wp-content/themes/pridmag/db.php?u HTTP/1.1" 404 707 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-13 06:43:20 (3 weeks ago)	45.91.20.111 - - [13/May/2026:09:43:19 +0300] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 7 ... show more 45.91.20.111 - - [13/May/2026:09:43:19 +0300] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 711 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-12 22:55:53 (3 weeks ago)	45.91.20.111 - - [13/May/2026:01:55:52 +0300] "GET /wp-content/plugins/dzs-zoomsounds/1877.php HTTP/ ... show more 45.91.20.111 - - [13/May/2026:01:55:52 +0300] "GET /wp-content/plugins/dzs-zoomsounds/1877.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" 45.91.20.111 - - [13/May/2026:01:55:52 +0300] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇩🇪 ghostwarriors	2026-05-07 19:20:23 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 11:45:58 (1 month ago)	(mod_security) mod_security (id:234930) triggered by 45.91.20.111 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:234930) triggered by 45.91.20.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 07:45:55.271729 2026] [security2:error] [pid 32115:tid 32115] [client 45.91.20.111:63259] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|el-pen.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "el-pen.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "afx7c76Da_XQsAjcW20UGgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-06 07:17:59 (1 month ago)	(mod_security) mod_security (id:234930) triggered by 45.91.20.111 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:234930) triggered by 45.91.20.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 03:17:54.698419 2026] [security2:error] [pid 5706:tid 5706] [client 45.91.20.111:50055] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6787"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|cosmicdebris.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "cosmicdebris.org"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "afrrIgSb_9lgTxZO41-h8AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 aranguren.org	2026-05-04 08:05:29 (1 month ago)	45.91.20.111 - - [04/May/2026:18:05:26 +1000] "GET /bypass.php HTTP/1.1" 404 16 "-" "Go-http-client/ ... show more 45.91.20.111 - - [04/May/2026:18:05:26 +1000] "GET /bypass.php HTTP/1.1" 404 16 "-" "Go-http-client/1.1" 45.91.20.111 - - [04/May/2026:18:05:27 +1000] "GET /inputs.php HTTP/1.1" 404 16 "-" "Go-http-client/1.1" 45.91.20.111 - - [04/May/2026:18:05:27 +1000] "GET /chosen.php HTTP/1.1" 404 16 "-" "Go-http-client/1.1" 45.91.20.111 - - [04/May/2026:18:05:28 +1000] "GET /simple.php HTTP/1.1" 404 16 "-" "Go-http-client/1.1" 45.91.20.111 - - [04/May/2026:18:05:28 +1000] "GET /file2.php HTTP/1.1" 404 16 "-" "Go-http-client/1.1" 45.91.20.111 - - [04/May/2026:18:05:28 +1000] "GET /themes.php HTTP/1.1" 404 16 "-" "Go-http-client/1.1" ... show less	Bad Web Bot
🇫🇷 Octopuce	2026-05-03 20:15:21 (1 month ago)	Aggressive web search of vulnerable pages: /wp-content/plugins/so-pinyin-slugs/inc/main_json.php /wp ... show more Aggressive web search of vulnerable pages: /wp-content/plugins/so-pinyin-slugs/inc/main_json.php /wp-content/plugins/WPManager/up.php /wp-conte ... show less	Web App Attack
Anonymous	2026-04-13 13:08:16 (1 month ago)	SQL injection, multiple attempts.	SQL Injection

Showing 1 to 15 of 148 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 209.85.221.67

🇺🇸 108.167.176.145

🇺🇸 107.150.102.47

🇷🇴 92.118.39.236

🇳🇱 34.91.147.161

🇺🇸 34.46.56.131

🇻🇳 27.79.6.241

🇮🇳 20.219.91.90

🇮🇩 210.79.191.170

🇭🇰 119.246.15.94

🇰🇷 119.203.109.69

🇳🇱 34.13.154.158

🇺🇸 20.65.194.160

🇧🇪 198.235.24.140

🇨🇳 150.255.100.244

🇨🇳 118.145.164.82

🇬🇪 91.151.136.148

🇱🇹 45.227.254.170

🇳🇱 45.148.10.157

🇺🇸 34.186.36.120