JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.92.240.52

91.92.240.52 was found in our database!

This IP was reported 231 times. Confidence of Abuse is 84%: ?

84%

ISP	OMEGATECH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS202412
Domain Name	omegatech.sc
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.92.240.52

Whois 91.92.240.52

IP Abuse Reports for 91.92.240.52:

This IP address has been reported a total of 231 times from 75 distinct sources. 91.92.240.52 was first reported on March 3rd 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Major Hostility	2026-06-14 21:34:53 (1 hour ago)	"GET /.env HTTP/1.1" 404 "GET /.env HTTP/1.1" 404	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 20:15:58 (2 hours ago)	(mod_security) mod_security (id:210492) triggered by 91.92.240.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 91.92.240.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 16:15:51.464885 2026] [security2:error] [pid 32747:tid 32747] [client 91.92.240.52:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easy-byte.net"] [uri "/.env"] [unique_id "ai8L98T1GL8cLwo0Xvo6SAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-14 20:09:02 (2 hours ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,mx01,mx02,mx03,wa ... show more Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,mx01,mx02,mx03,wa01] show less	Bad Web Bot Web App Attack
🇸🇪 SkyDancer	2026-06-14 20:01:18 (3 hours ago)	Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blo ... show more Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blocked by SkyDancer Ai(web-X). show less	Hacking Brute-Force
Anonymous	2026-06-14 18:57:53 (4 hours ago)	http scanning for .env files ...	Hacking Web App Attack
🇩🇪 Ba-Yu	2026-06-14 18:51:29 (4 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
Anonymous	2026-06-14 18:30:58 (4 hours ago)	91.92.240.52 - - [14/Jun/2026:20:30:58 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows ... show more 91.92.240.52 - - [14/Jun/2026:20:30:58 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	Web App Attack
Anonymous	2026-06-14 16:59:52 (6 hours ago)	PAD: ModSec_Scanner!,ModSec_Critical detected	Hacking
🇸🇬 serverutama	2026-06-14 16:03:01 (7 hours ago)	Nginx scanner: 91.92.240.52 - - [14/Jun/2026:22:19:41 +0700] "GET /.env HTTP/1.1" 301 162 "-" "Mozil ... show more Nginx scanner: 91.92.240.52 - - [14/Jun/2026:22:19:41 +0700] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "-" show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-14 13:09:06 (9 hours ago)	(mod_security) mod_security (id:210492) triggered by 91.92.240.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 91.92.240.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 09:09:01.353200 2026] [security2:error] [pid 17556:tid 17556] [client 91.92.240.52:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "upskirtcrazy.com"] [uri "/.env"] [unique_id "ai6n7dGByKLdNGodyG0apwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 13:06:05 (10 hours ago)	Trying to access config files	Web App Attack
🇺🇸 interbiznw.com	2026-06-14 12:49:32 (10 hours ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 kommunos	2026-06-14 11:52:22 (11 hours ago)	/.env	Web App Attack
🇬🇧 Oakley	2026-06-14 09:54:24 (13 hours ago)	(confirmed_bot_sig) Confirmed bot	Hacking
🇩🇪 HERA - Operations	2026-06-14 08:44:14 (14 hours ago)	argeforum - searching for vulnerable scripts: .env 2026/06/14 10:44:14	Web App Attack

Showing 1 to 15 of 231 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 69.5.169.43

🇵🇱 194.180.48.31

🇺🇸 192.241.150.170

🇫🇷 176.132.218.176

🇳🇱 176.65.139.130

🇩🇪 176.9.119.111

🇭🇰 103.158.29.100

🇩🇪 95.133.245.20

🇽🇰 93.115.108.247

🇳🇱 45.148.10.183

🇺🇸 35.147.150.2

🇦🇺 34.151.139.137

🇭🇰 34.150.122.109

🇺🇸 2602:fb54:1400::1f5

🇧🇬 185.199.38.75

🇮🇳 182.95.187.98

🇧🇾 178.120.52.59

🇻🇳 171.244.142.205

🇬🇧 118.193.65.212

🇨🇳 118.122.117.64