JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.92.242.143

91.92.242.143 was found in our database!

This IP was reported 86 times. Confidence of Abuse is 100%: ?

100%

ISP	OMEGATECH
Usage Type	Fixed Line ISP
ASN	AS202412
Domain Name	omegatech.sc
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.92.242.143

Whois 91.92.242.143

IP Abuse Reports for 91.92.242.143:

This IP address has been reported a total of 86 times from 62 distinct sources. 91.92.242.143 was first reported on July 1st 2024, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇾 Rizzy	2026-06-26 23:39:57 (5 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-26 22:34:43 (6 hours ago)		Brute-Force Web App Attack
🇧🇷 Halux	2026-06-26 20:55:04 (8 hours ago)	91.92.242.143 Probing protected path or service	Web App Attack
🇩🇪 Gwyneth Llewelyn	2026-06-26 18:21:48 (10 hours ago)	2026/06/26 19:21:46 [error] 1094874#1094874: 1368814 access forbidden by rule, client: 91.92.242.14 ... show more 2026/06/26 19:21:46 [error] 1094874#1094874: 1368814 access forbidden by rule, client: 91.92.242.143, server: alzulej.pt, request: "GET /.env HTTP/2.0", host: "alzulej.pt" 91.92.242.143 - - [26/Jun/2026:19:21:46 +0100] "GET /.env HTTP/2.0" 403 1045 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 2026/06/26 19:21:47 [error] 1094874#1094874: *1368814 access forbidden by rule, client: 91.92.242.143, server: alzulej.pt, request: "GET /api/.env HTTP/2.0", host: "alzulej.pt" show less	Brute-Force Web App Attack
🇬🇧 Aetherweb Ark	2026-06-26 16:54:24 (12 hours ago)	(mod_security) mod_security (id:949110) triggered by 91.92.242.143 (-): N in the last X secs	Web App Attack
Anonymous	2026-06-26 14:59:39 (14 hours ago)	http scanning for .env files ...	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 13:59:39 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 91.92.242.143 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 91.92.242.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 09:59:33.371533 2026] [security2:error] [pid 32260:tid 32260] [client 91.92.242.143:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webfrog.ws"] [uri "/.env"] [unique_id "aj6FxVyNW825-BekRD29bQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2026-06-26 13:32:58 (15 hours ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 tall1oN	2026-06-26 13:16:28 (15 hours ago)	91.92.242.143 - - [26/Jun/2026:14:34:52 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/2.0" 200 1042 ... show more 91.92.242.143 - - [26/Jun/2026:14:34:52 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/2.0" 200 10420385 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" "diamondliferp.cc" 91.92.242.143 - - [26/Jun/2026:15:16:26 +0200] "GET //xmlrpc.php?rsd HTTP/2.0" 200 2467636 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" "diamondliferp.cc" ... show less	Web App Attack Port Scan Hacking
Anonymous	2026-06-26 11:05:04 (18 hours ago)	$f2bV_matches	Brute-Force
🇫🇷 Baking333	2026-06-26 09:11:31 (20 hours ago)	[redacted] 91.92.242.143 - - [26/Jun/2026:10:11:29 +0100] "GET //wp-includes/[redacted] HTTP/1.1" 30 ... show more [redacted] 91.92.242.143 - - [26/Jun/2026:10:11:29 +0100] "GET //wp-includes/[redacted] HTTP/1.1" 302 6823 0/59832 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" [redacted] 91.92.242.143 - - [26/Jun/2026:10:11:29 +0100] "GET //[redacted]?rsd HTTP/1.1" 302 1604 0/63371 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇫🇮 smallhost_helsinki	2026-06-26 07:43:54 (21 hours ago)	Tried to access non existent path: /.env	Web App Attack
Anonymous	2026-06-26 07:00:26 (22 hours ago)	(mod_security) mod_security triggered on hostname [redacted] 91.92.242.143 (-)	SQL Injection
🇺🇸 Lezetho	2026-06-26 06:00:41 (23 hours ago)	DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare	DDoS Attack Email Spam Hacking Brute-Force
🇪🇸 alferez	2026-06-26 01:41:19 (1 day ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack

Showing 1 to 15 of 86 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.176.29.11

🇺🇸 147.185.132.100

🇺🇸 147.185.132.94

🇺🇸 143.42.0.20

🇺🇸 205.210.31.98

🇺🇸 205.185.117.128

🇧🇷 187.51.208.158

🇫🇷 185.177.72.17

🇺🇸 184.105.247.254

🇺🇸 162.216.150.223

🇺🇸 147.185.132.112

🇬🇧 139.59.170.85

🇺🇸 135.237.125.27

🇮🇳 117.231.197.147

🇨🇳 106.32.28.78

🇺🇸 73.151.104.41

🇳🇱 45.148.10.157

🇸🇬 43.160.249.98

🇮🇹 5.99.196.202

🇭🇰 220.246.46.144