AbuseIPDB » 91.124.129.220
91.124.129.220 was found in our database!
This IP was reported 8 times. Confidence of
Abuse
is 4% : ?
ISP
JSC Ukrtelecom
Usage Type
Data Center/Web Hosting/Transit
ASN
AS212238
Domain Name
ukrtelecom.ua
Country
๐บ๐ธ
United States of America
City
Los Angeles, California
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 91.124.129.220 :
This IP address has been reported a total of
8
times from
6 distinct
sources.
91.124.129.220 was first reported on
July 11th 2025 , and the most recent report was
8 hours ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
2026-07-16 23:48:03
(8 hours ago)
Malicious activity detected
Hacking
Web App Attack
Anonymous
2026-04-28 04:11:09
(2 months ago)
Web app attack and vulnerability scan detected from IIS logs
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
A000Z
2026-04-15 01:48:57
(3 months ago)
Fail2Ban: 91.124.129.220 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5 ...
show more
Fail2Ban: 91.124.129.220 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
show less
Bad Web Bot
๐บ๐ธ
UFFR_87
2026-04-04 23:50:46
(3 months ago)
MediaWiki recent changes/user login spam, possible AI scraper
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-20 01:58:44
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 91.124.129.220 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 91.124.129.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 19 20:58:39.706587 2025] [security2:error] [pid 30048:tid 30048] [client 91.124.129.220:61036] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||scoutinsignia.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "scoutinsignia.com"] [uri "/buttons/WS_FTP.LOG"] [unique_id "aUYCz-Av98Gy2IJBmy3cfgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-20 08:36:32
(7 months ago)
Malicious activity detected
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-21 12:39:11
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 91.124.129.220 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 91.124.129.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 21 08:39:04.105110 2025] [security2:error] [pid 22048:tid 22048] [client 91.124.129.220:50850] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.vangentholding.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.vangentholding.com"] [uri "/wp-json/wp/v2/users/222533"] [unique_id "aPd-6LT0o5jR20DrrZ5m-AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
bigorre.org
2025-07-11 13:16:33
(1 year ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: