JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 45.91.23.147

45.91.23.147 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 61%: ?

61%

ISP	VPN Consumer Montreal, Canada
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	vpnconsumer.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 45.91.23.147

Whois 45.91.23.147

IP Abuse Reports for 45.91.23.147:

This IP address has been reported a total of 142 times from 68 distinct sources. 45.91.23.147 was first reported on August 31st 2023, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Lino Project	2026-06-10 20:35:31 (1 day ago)	45.91.23.147 - - [10/Jun/2026:22:35:27 +0200] "GET /404.php HTTP/2.0" 404 133530 "https://primobio.i ... show more 45.91.23.147 - - [10/Jun/2026:22:35:27 +0200] "GET /404.php HTTP/2.0" 404 133530 "https://primobio.it/404.php" "Go-http-client/2.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 www.tana.it	2026-06-10 20:03:34 (1 day ago)	PHP scan	Web App Attack
🇫🇷 solution.it	2026-06-10 11:41:52 (2 days ago)	[Wed Jun 10 13:41:52.006530 2026] [php7:error] [pid 2596381:tid 2596381] [client 45.91.23.147:64105] ... show more [Wed Jun 10 13:41:52.006530 2026] [php7:error] [pid 2596381:tid 2596381] [client 45.91.23.147:64105] script '/var/lib/roundcube/system_log.php' not found or unable to stat, referer: http://mail.solution.it/system_log.php show less	Web App Attack
🇫🇷 dynamix	2026-06-04 08:57:51 (1 week ago)	Multiple WAF Violations	Web App Attack
🇫🇷 dynamix	2026-06-02 10:41:21 (1 week ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Ba-Yu	2026-06-02 04:39:00 (1 week ago)	WordPress hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇦🇺 aranguren.org	2026-06-01 23:07:42 (1 week ago)	45.91.23.147 - - [02/Jun/2026:09:07:40 +1000] "GET /bless.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Win ... show more 45.91.23.147 - - [02/Jun/2026:09:07:40 +1000] "GET /bless.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" 45.91.23.147 - - [02/Jun/2026:09:07:40 +1000] "GET /O-Simple.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36" 45.91.23.147 - - [02/Jun/2026:09:07:40 +1000] "GET /lock360.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 45.91.23.147 - - [02/Jun/2026:09:07:41 +1000] "GET /zwso.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 45.91.23.147 - - [02/Jun/2026:09:07:41 +1000] "GET /chosen.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0 ... show less	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-05-30 14:59:32 (1 week ago)	45.91.23.147 - - [30/May/2026:17:59:31 +0300] "GET /wp-content/plugins/shell/noimg.php HTTP/1.1" 404 ... show more 45.91.23.147 - - [30/May/2026:17:59:31 +0300] "GET /wp-content/plugins/shell/noimg.php HTTP/1.1" 404 714 "-" "Go-http-client/1.1" 45.91.23.147 - - [30/May/2026:17:59:32 +0300] "GET /wp-content/plugins/pwnd-2/pwnd.php HTTP/1.1" 404 714 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇩🇪 stinpriza	2026-05-30 10:34:30 (1 week ago)	Web App Attack	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-21 23:56:41 (3 weeks ago)	45.91.23.147 - - [22/May/2026:02:56:40 +0300] "GET /wp-content/themes/pwnd-themes/php5-litespeed.php ... show more 45.91.23.147 - - [22/May/2026:02:56:40 +0300] "GET /wp-content/themes/pwnd-themes/php5-litespeed.php HTTP/1.1" 404 708 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-21 16:58:22 (3 weeks ago)	45.91.23.147 - - [21/May/2026:19:58:21 +0300] "GET /wp-includes/assets/index.php HTTP/1.1" 404 715 " ... show more 45.91.23.147 - - [21/May/2026:19:58:21 +0300] "GET /wp-includes/assets/index.php HTTP/1.1" 404 715 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇮🇹 sssrit	2026-05-21 16:53:49 (3 weeks ago)	45.91.23.147 - - [21/May/2026:18:53:32 +0200] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/2.0" 302 ... show more 45.91.23.147 - - [21/May/2026:18:53:32 +0200] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/2.0" 302 186 "http://sssr.it/wp-content/plugins/pwnd-1/pwnd.php" "Go-http-client/2.0" 45.91.23.147 - - [21/May/2026:18:53:47 +0200] "GET /wp-content/plugins/shell/noimg.php HTTP/2.0" 302 186 "http://sssr.it/wp-content/plugins/shell/noimg.php" "Go-http-client/2.0" 45.91.23.147 - - [21/May/2026:18:53:48 +0200] "GET /wp-content/plugins/pwnd-2/pwnd.php HTTP/2.0" 302 186 "http://sssr.it/wp-content/plugins/pwnd-2/pwnd.php" "Go-http-client/2.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 16:46:19 (3 weeks ago)	(mod_security) mod_security (id:234930) triggered by 45.91.23.147 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:234930) triggered by 45.91.23.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 12:46:14.521605 2026] [security2:error] [pid 31510:tid 31534] [client 45.91.23.147:27057] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|financialanalyst.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "financialanalyst.org"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ag821sVF1MqrBBTTF4xtMQAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-05-21 05:34:27 (3 weeks ago)	45.91.23.147 - - [21/May/2026:08:34:24 +0300] "GET /wp-content/plugins/linkpreview/index.php HTTP/1. ... show more 45.91.23.147 - - [21/May/2026:08:34:24 +0300] "GET /wp-content/plugins/linkpreview/index.php HTTP/1.1" 404 707 "-" "Go-http-client/1.1" 45.91.23.147 - - [21/May/2026:08:34:25 +0300] "GET /wp-content/plugins/linkpreview/db.php?u HTTP/1.1" 404 707 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇫🇷 dynamix	2026-05-12 07:56:33 (1 month ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.96.182.111

🇨🇳 58.20.236.52

🇬🇧 35.203.210.5

🇨🇳 221.0.14.230

🇺🇸 205.210.31.87

🇦🇷 190.175.32.205

🇨🇴 190.5.200.98

🇩🇪 185.176.94.38

🇳🇱 159.223.213.49

🇨🇳 117.72.99.101

🇨🇳 61.162.234.23

🇳🇱 45.148.10.151

🇵🇪 38.250.116.213

🇫🇮 213.232.120.81

🇰🇷 211.254.212.59

🇺🇸 192.178.115.218

🇮🇶 185.166.25.150

🇵🇰 182.180.91.158

🇸🇬 178.128.51.84

🇷🇺 176.112.128.143