JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.132.125.64

91.132.125.64 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 8%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.132.125.64

Whois 91.132.125.64

IP Abuse Reports for 91.132.125.64:

This IP address has been reported a total of 11 times from 6 distinct sources. 91.132.125.64 was first reported on June 9th 2025, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-05-17 22:12:01 (1 month ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇩🇪 HandyTreff.de	2026-05-10 13:20:03 (1 month ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -56.458 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -56.458 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.98.106 show less	Web App Attack Bad Web Bot
🇨🇭 backslash	2026-04-16 12:12:01 (2 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇩🇪 MusicLibrary	2026-02-25 19:35:07 (3 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇱🇻 garmtech.com	2026-01-08 08:15:14 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-15.91.132.125.64.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 10-15.91.132.125.64.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2026-01-06 19:36:44 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-36.91.132.125.64.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 21-36.91.132.125.64.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 fbarela	2025-10-31 09:00:26 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-09-13 13:24:17 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 91.132.125.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 91.132.125.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 13 09:24:10.054447 2025] [security2:error] [pid 15820:tid 15820] [client 91.132.125.64:12711] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|pourier.net\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "pourier.net"] [uri "/"] [unique_id "aMVwegoYTf80F4jUSivVWQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-12 19:20:59 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 91.132.125.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 91.132.125.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 12 15:20:52.724206 2025] [security2:error] [pid 32525:tid 32525] [client 91.132.125.64:45131] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.portfoliolighting.net\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.portfoliolighting.net"] [uri "/403.shtml"] [unique_id "aMRylEIVbOwg5UYEZveVWAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-11 00:43:26 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 91.132.125.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 91.132.125.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 10 20:43:20.590155 2025] [security2:error] [pid 2874:tid 2874] [client 91.132.125.64:63715] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|surrenderhouse.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "surrenderhouse.com"] [uri "/contact.html"] [unique_id "aMIbKLqHxj03--WAcvGd7AAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-06-09 22:18:24 (1 year ago)	(mod_security) mod_security (id:210740) triggered by 91.132.125.64 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210740) triggered by 91.132.125.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 09 18:18:17.584626 2025] [security2:error] [pid 3469236:tid 3469236] [client 91.132.125.64:18263] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|www.inquisitivequincie.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "www.inquisitivequincie.com"] [uri "/news/home.php"] [unique_id "aEddqQBQsRi6ljJkDGDm4gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 195.178.191.5

🇩🇪 193.124.20.248

🇷🇴 193.46.255.86

🇨🇴 186.154.159.54

🇨🇳 106.14.183.112

🇻🇳 103.163.214.78

🇷🇺 95.84.164.90

🇺🇸 52.165.81.251

🇨🇦 51.79.67.63

🇨🇴 206.62.136.109

🇺🇸 198.199.86.215

🇦🇷 186.0.228.35

🇷🇺 185.253.182.218

🇪🇸 185.234.185.46

🇳🇴 185.213.23.178

🇸🇾 185.84.49.104

🇳🇱 160.119.71.129

🇭🇰 119.28.9.170

🇩🇪 93.236.180.235

🇸🇬 47.84.62.21