JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.91.20.27

45.91.20.27 was found in our database!

This IP was reported 85 times. Confidence of Abuse is 78%: ?

78%

ISP	VPN Consumer Milan, Italy
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	vpnconsumer.com
Country	🇮🇹 Italy
City	Milan, Lombardy

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.91.20.27

Whois 45.91.20.27

IP Abuse Reports for 45.91.20.27:

This IP address has been reported a total of 85 times from 50 distinct sources. 45.91.20.27 was first reported on October 9th 2025, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-15 10:34:37 (18 hours ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-15 09:06:41 (20 hours ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (95/60 min)'; Requests=95	Port Scan
🇺🇦 URAN Publishing Service	2026-06-15 00:59:35 (1 day ago)	45.91.20.27 - - [15/Jun/2026:03:59:34 +0300] "GET /wp-content/plugins/StylePlugin/up.php HTTP/1.1" 4 ... show more 45.91.20.27 - - [15/Jun/2026:03:59:34 +0300] "GET /wp-content/plugins/StylePlugin/up.php HTTP/1.1" 404 706 "-" "Go-http-client/1.1" 45.91.20.27 - - [15/Jun/2026:03:59:34 +0300] "GET /wp-content/plugins/semrush/x.php HTTP/1.1" 404 706 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇧🇪 cmbplf	2026-06-14 21:44:51 (1 day ago)	105 requests with url.path */wp.php	Brute-Force Bad Web Bot
🇺🇸 kosada.com	2026-06-14 14:30:44 (1 day ago)	Web vulnerability probing: /wp-content/themes/fukasawa/inc/classes/403.php	Web App Attack
🇨🇭 Origon	2026-06-14 11:22:14 (1 day ago)	http-wordpress-scan - IP: 45.91.20.27 - time="2026-06-14T13:22:13+02:00" level=info msg="(555f66b4f ... show more http-wordpress-scan - IP: 45.91.20.27 - time="2026-06-14T13:22:13+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-wordpress-scan by ip 45.91.20.27 (IT/9009) : 4h ban on Ip 45.91.20.27" module=db show less	Web App Attack
🇬🇧 consul.to	2026-06-13 09:54:08 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-06-12 23:04:28 (3 days ago)	45.91.20.27 - - [12/Jun/2026:23:04:27 +0000] "GET /wp-content/about.php HTTP/1.1" 302 453 "-" "Mozil ... show more 45.91.20.27 - - [12/Jun/2026:23:04:27 +0000] "GET /wp-content/about.php HTTP/1.1" 302 453 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" ... show less	Bad Web Bot Web App Attack
🇫🇷 Octopuce	2026-06-12 21:26:25 (3 days ago)	Aggressive web search of vulnerable pages: /wp-includes/blocks/group/ /wp-includes/sodium_compat/ /w ... show more Aggressive web search of vulnerable pages: /wp-includes/blocks/group/ /wp-includes/sodium_compat/ /wp-content/updraft/ /wp-content/w3tc-config/ ... show less	Web App Attack
🇩🇪 Viveronese	2026-06-11 20:13:24 (4 days ago)	HTTP vulnerability scanning	Web App Attack
🇩🇪 paissangroup	2026-06-11 17:30:23 (4 days ago)	Multiple WAF Violations	Web App Attack
🇬🇧 consul.to	2026-05-31 20:30:40 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇪🇸 masterguru	2026-05-31 12:19:37 (2 weeks ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-21 16:31:29 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 45.91.20.27 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 45.91.20.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 12:31:22.696024 2026] [security2:error] [pid 29089:tid 29089] [client 45.91.20.27:22519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "businessvaluationapp.com"] [uri "/.git/config"] [unique_id "ag8zWgj2Rdu29MSQm-gUUwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 lufi	2026-05-21 15:32:20 (3 weeks ago)	2026-05-21 17:32:19 45.91.20.27: blacklistedPath: /.git/HEAD ...	Web Spam Brute-Force Hacking Web App Attack

Showing 1 to 15 of 85 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.232

🇹🇼 198.235.24.109

🇺🇸 198.98.56.205

🇭🇰 190.92.239.22

🇵🇱 172.253.1.150

🇺🇸 172.236.111.98

🇺🇸 162.216.149.190

🇺🇸 156.229.21.54

🇮🇩 103.124.196.101

🇭🇰 101.36.111.38

🇦🇪 91.73.75.175

🇷🇴 80.94.92.177

🇺🇸 73.213.236.66

🇰🇷 59.3.254.18

🇳🇱 46.151.178.13

🇭🇰 45.142.154.36

🇺🇸 24.163.114.60

🇨🇳 223.84.209.188

🇮🇹 209.227.244.120

🇧🇷 205.210.31.182