JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.92.249.130

91.92.249.130 was found in our database!

This IP was reported 1,580 times. Confidence of Abuse is 0%: ?

ISP	CLOUDEUS SL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62033
Domain Name	cloud.eus
Country	🇪🇸 Spain
City	Barcelona, Catalonia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.92.249.130

Whois 91.92.249.130

IP Abuse Reports for 91.92.249.130:

This IP address has been reported a total of 1,580 times from 196 distinct sources. 91.92.249.130 was first reported on October 18th 2023, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 nomzamo	2025-01-22 03:52:47 (1 year ago)	Fail2Ban reported: nginx-noscript	Brute-Force Bad Web Bot
🇺🇸 c y	2024-09-28 16:46:37 (1 year ago)	...	Web App Attack
🇨🇦 polycoda	2024-09-28 11:43:00 (1 year ago)	access_log:91.92.249.130 - - [27/Sep/2024:22:13:21 -0400] "GET /+CSCOE+/logon.html HTTP/1.1" 404 101 ... show more access_log:91.92.249.130 - - [27/Sep/2024:22:13:21 -0400] "GET /+CSCOE+/logon.html HTTP/1.1" 404 10102 "-" "Go-http-client/1.1" access_log:91.92.249.130 - - [27/Sep/2024:22:13:21 -0400] "GET /global-protect/login.esp HTTP/1.1" 404 10114 "-" "Go-http-client/1.1" access_log:91.92.249.130 - - [27/Sep/2024:22:13:21 -0400] "GET /dana-na/auth/url_default/welcome.cgi HTTP/1.1" 404 10138 "-" "Go-http-client/1.1" show less	Hacking Web App Attack
🇨🇦 Roper123	2024-09-28 04:23:56 (1 year ago)	Web exploits	Hacking Web App Attack
🇺🇸 ANTI SCANNER	2024-09-28 02:36:20 (1 year ago)	Scanner : /dana-na/auth/url_default/welcome.cgi	Web Spam
🇺🇸 thefoofighter	2024-09-28 02:23:46 (1 year ago)	[Sat Sep 28 02:23:45.508331 2024] [:error] [pid 2623716] [client 91.92.249.130:51274] [client 91.92. ... show more [Sat Sep 28 02:23:45.508331 2024] [:error] [pid 2623716] [client 91.92.249.130:51274] [client 91.92.249.130] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "63.250.44.173"] [uri "/"] [unique_id "ZvdosWL4zCxro4YnGtgFhAAAAB4"] [Sat Sep 28 02:23:45.958004 2024] [:error] [pid 2624097] [client 91.92.249.130:52218] [client 91.92.249.130] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag ... show less	Bad Web Bot Web App Attack
🇺🇸 mhhdr	2024-09-28 00:12:59 (1 year ago)	Web attack: GET /+CSCOE+/logon.html.	Web App Attack
🇺🇸 Shouddy Tarano	2024-09-27 23:34:49 (1 year ago)	[Fri Sep 27 23:34:46.800273 2024] [authz_core:error] [pid 3640536:tid 140522530268928] [client 91.92 ... show more [Fri Sep 27 23:34:46.800273 2024] [authz_core:error] [pid 3640536:tid 140522530268928] [client 91.92.249.130:45150] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/ [Fri Sep 27 23:34:46.803375 2024] [authz_core:error] [pid 3640536:tid 140522530268928] [client 91.92.249.130:45150] AH01630: client denied by server configuration: /usr/share/httpd/noindex/index.html [Fri Sep 27 23:34:47.271379 2024] [authz_core:error] [pid 3640308:tid 140523041961728] [client 91.92.249.130:46450] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/+CSCOE+ [Fri Sep 27 23:34:47.738432 2024] [authz_core:error] [pid 3640536:tid 140522765133568] [client 91.92.249.130:47700] AH01630: client denied by server configuration: /var/www/erpcampestremty/public/global-protect [Fri Sep 27 23:34:48.213183 2024] [authz_core:error] [pid 3640307:tid 140523352327936] [client 91.92.249.130:49170] AH01630: client denied by server configuration: /var/www/erpcampestremty ... show less	DDoS Attack Web Spam Brute-Force Web App Attack
Anonymous	2024-09-27 23:05:06 (1 year ago)	91.92.249.130 - visio.sliver85.eu - [28/Sep/2024:01:05:05 +0200] "GET / HTTP/1.1" 444 "Go-http-clien ... show more 91.92.249.130 - visio.sliver85.eu - [28/Sep/2024:01:05:05 +0200] "GET / HTTP/1.1" 444 "Go-http-client/1.1" 91.92.249.130 - visio.sliver85.eu - [28/Sep/2024:01:05:05 +0200] "GET /+CSCOE+/logon.html HTTP/1.1" 444 "Go-http-client/1.1" 91.92.249.130 - visio.sliver85.eu - [28/Sep/2024:01:05:05 +0200] "GET /global-protect/login.esp HTTP/1.1" 444 "Go-http-client/1.1" 91.92.249.130 - visio.sliver85.eu - [28/Sep/2024:01:05:05 +0200] "GET /dana-na/auth/url_default/welcome.cgi HTTP/1.1" 444 "Go-http-client/1.1" ... show less	Brute-Force Web App Attack
Anonymous	2024-09-27 22:15:02 (1 year ago)	Login attempt: /+CSCOE+/logon.html	Hacking Brute-Force Web App Attack
🇨🇦 byte_down	2024-09-27 22:08:31 (1 year ago)	Nginx-Malicious-User-Agent	Bad Web Bot Exploited Host Web App Attack
🇺🇸 drewf.ink	2024-09-27 17:42:51 (1 year ago)	[17:42] Port scanning. Port(s) scanned: TCP/444	Port Scan
🇸🇪 webbfabriken	2024-09-27 15:13:04 (1 year ago)	spam or other hacking activities reported by webbfabriken security servers Attack reported by Webbf ... show more spam or other hacking activities reported by webbfabriken security servers Attack reported by Webbfabriken Security API - WFSecAPI show less	Web Spam
Anonymous	2024-09-27 11:15:33 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇫🇷 urmarcht	2024-09-22 07:30:29 (1 year ago)	Bot attack detected : webscan vurnerability	Web App Attack

Showing 1 to 15 of 1580 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 195.209.210.21

🇳🇱 178.227.204.206

🇨🇳 119.96.137.18

🇱🇹 77.90.185.9

🇸🇬 47.237.184.169

🇷🇺 37.79.2.183

🇧🇪 35.187.83.145

🇺🇸 3.225.61.40

🇨🇭 144.2.91.96

🇺🇸 142.173.95.203

🇻🇳 112.137.143.2

🇲🇽 187.191.48.23

🇵🇭 180.190.143.19

🇳🇱 176.65.139.31

🇫🇮 147.185.133.104

🇨🇳 111.42.183.124

🇨🇦 104.36.149.175

🇵🇱 87.251.64.156

🇷🇺 77.95.203.182

🇧🇪 34.14.23.32