AbuseIPDB » 91.132.125.49
91.132.125.49 was found in our database!
This IP was reported 7 times. Confidence of
Abuse
is 2% : ?
ISP
FINE GROUP SERVERS SOLUTIONS LLC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS26548
Domain Name
finegroupservers.com
Country
๐บ๐ธ
United States of America
City
Seattle, Washington
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 91.132.125.49 :
This IP address has been reported a total of
7
times from
5 distinct
sources.
91.132.125.49 was first reported on
June 23rd 2025 , and the most recent report was
2 weeks ago .
Old Reports:
The most recent abuse report for this IP address is from
2 weeks ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
TPI-Abuse
2026-06-11 15:40:44
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 11:40:40.757535 2026] [security2:error] [pid 29464:tid 29464] [client 91.132.125.49:20383] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gubbio.name|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gubbio.name"] [uri "/wp-json/wp/v2/users"] [unique_id "airW-NxnxiRjvmo_gbcsqgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 21:27:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:27:15.401594 2026] [security2:error] [pid 10152:tid 10152] [client 91.132.125.49:13521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ideaofauniversity.website"] [uri "/wp-config.bak"] [unique_id "ag4nM1id1KXvQwUIatMZ8QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 18:06:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 14:06:11.482909 2026] [security2:error] [pid 8378:tid 8378] [client 91.132.125.49:54121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "misogynyis.com"] [uri "/wp-config.php~"] [unique_id "ag34Ey9UbaC4O-mbLNjInwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-01-18 00:50:45
(5 months ago)
Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.18 is noted in report tim ...
show more
Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.18 is noted in report timestamp
show less
Hacking
Brute-Force
๐ฑ๐ป
garmtech.com
2025-11-30 13:08:27
(6 months ago)
IM360 WAF: Attempt to upload malware
Hacking
๐ซ๐ท
adembaysal
2025-10-29 20:12:01
(8 months ago)
Domain : bahukuk.com
Rule : wp-login
2025-10-29 20:11:04 ***hidden-privacy*** GET /wp-login.php - 44 ...
show more
Domain : bahukuk.com
Rule : wp-login
2025-10-29 20:11:04 ***hidden-privacy*** GET /wp-login.php - 443 - 91.132.125.49 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 https://bahukuk.com/wp-login.php bahukuk.com 404 0 2 1555 276 195 - -
show less
Web App Attack
Anonymous
2025-06-23 11:44:00
(1 year ago)
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fai ...
show more
Message meets Alert condition
The following critical firewall event was detected: SSL VPN login fail.
date=2025-06-22 time=01:49:34 devname=FortiGate-200F devid=FG200FT922906136 eventtime=1750574974859518954 tz="-0500" logid="0101039426" type="event" subtype="vpn" level="alert" vd="root" logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=91.132.125.49 srccountry="United States" user="kscott" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in"
show less
VPN IP
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: