JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.132.125.49

91.132.125.49 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 2%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.132.125.49

Whois 91.132.125.49

IP Abuse Reports for 91.132.125.49:

This IP address has been reported a total of 7 times from 5 distinct sources. 91.132.125.49 was first reported on June 23rd 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 15:40:44 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 11:40:40.757535 2026] [security2:error] [pid 29464:tid 29464] [client 91.132.125.49:20383] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gubbio.name\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gubbio.name"] [uri "/wp-json/wp/v2/users"] [unique_id "airW-NxnxiRjvmo_gbcsqgAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 21:27:20 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:27:15.401594 2026] [security2:error] [pid 10152:tid 10152] [client 91.132.125.49:13521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ideaofauniversity.website"] [uri "/wp-config.bak"] [unique_id "ag4nM1id1KXvQwUIatMZ8QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 18:06:19 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 91.132.125.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 14:06:11.482909 2026] [security2:error] [pid 8378:tid 8378] [client 91.132.125.49:54121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "misogynyis.com"] [uri "/wp-config.php~"] [unique_id "ag34Ey9UbaC4O-mbLNjInwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-18 00:50:45 (5 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2026.01.18 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2025-11-30 13:08:27 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇫🇷 adembaysal	2025-10-29 20:12:01 (8 months ago)	Domain : bahukuk.com Rule : wp-login 2025-10-29 20:11:04 *hidden-privacy* GET /wp-login.php - 44 ... show more Domain : bahukuk.com Rule : wp-login 2025-10-29 20:11:04 *hidden-privacy* GET /wp-login.php - 443 - 91.132.125.49 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 https://bahukuk.com/wp-login.php bahukuk.com 404 0 2 1555 276 195 - - show less	Web App Attack
Anonymous	2025-06-23 11:44:00 (1 year ago)	Message meets Alert condition The following critical firewall event was detected: SSL VPN login fai ... show more Message meets Alert condition The following critical firewall event was detected: SSL VPN login fail. date=2025-06-22 time=01:49:34 devname=FortiGate-200F devid=FG200FT922906136 eventtime=1750574974859518954 tz="-0500" logid="0101039426" type="event" subtype="vpn" level="alert" vd="root" logdesc="SSL VPN login fail" action="ssl-login-fail" tunneltype="ssl-web" tunnelid=0 remip=91.132.125.49 srccountry="United States" user="kscott" group="N/A" dst_host="N/A" reason="sslvpn_login_unknown_user" msg="SSL user failed to logged in" show less	VPN IP

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2409:40e2:151:7b2e:ade7:e871:fec5:8f04

🇺🇸 216.25.89.101

🇧🇷 201.222.20.20

🇸🇬 194.5.82.93

🇮🇩 163.7.11.126

🇳🇱 160.119.71.135

🇰🇷 118.45.113.140

🇮🇳 103.207.9.246

🇯🇵 101.33.55.172

🇷🇺 94.243.11.191

🇸🇬 82.38.180.55

🇺🇸 57.151.129.36

🇸🇦 37.106.13.48

🇰🇷 211.40.167.121

🇸🇬 194.5.82.83

🇮🇩 163.7.12.71

🇧🇷 128.201.9.152

🇵🇭 112.201.196.207

🇸🇬 101.47.18.220

🇫🇷 92.205.184.118