JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.92.255.122

91.92.255.122 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 0%: ?

ISP	E-CARD LTD.
Usage Type	Data Center/Web Hosting/Transit
ASN	Unknown
Hostname(s)	ip-92-255-122.e-card.bg
Domain Name	e-card.bg
Country	🇧🇬 Bulgaria
City	Sofia, Sofia-Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.92.255.122

Whois 91.92.255.122

IP Abuse Reports for 91.92.255.122:

This IP address has been reported a total of 45 times from 25 distinct sources. 91.92.255.122 was first reported on November 3rd 2023, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Cyber SOC	2024-05-30 09:49:43 (2 years ago)	Peaksys - 2024-05-30 10:49:25 UTC+01	Port Scan
🇺🇸 TPI-Abuse	2024-04-09 04:01:29 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 91.92.255.122 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 91.92.255.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 09 00:01:22.591238 2024] [security2:error] [pid 21476] [client 91.92.255.122:57243] [client 91.92.255.122] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barbaraehill.com"] [uri "/.env"] [unique_id "ZhS9knV1U54LrtH8Bei7GQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Nightreaver	2024-02-08 05:51:36 (2 years ago)	91.92.255.122 - - [08/Feb/2024:06:49:45 0100] "GET /.git/config HTTP/1.1" 404 494 "-" "python-reque ... show more 91.92.255.122 - - [08/Feb/2024:06:49:45 0100] "GET /.git/config HTTP/1.1" 404 494 "-" "python-requests/2.28.1" 91.92.255.122 - - [08/Feb/2024:06:49:45 0100] "GET /.env.prod HTTP/1.1" 404 494 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 91.92.255.122 - - [08/Feb/2024:06:50:02 0100] "GET /laravel/.env HTTP/1.1" 404 494 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 91.92.255.122 - - [08/Feb/2024:06:50:10 0100] "GET /system/.env HTTP/1.1" 404 494 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 91.92.255.122 - - [08/Feb/2024:06:50:28 0100] "GET /apps/.env HTTP/1.1" 404 494 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 91.92.255.122 - - [08/Feb/2024:06:50:53 0100] "GET /enviroments/.env.production HTTP/1.1" 404 494 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 91.92.255.122 - - [08/Feb/2024:0[...] show less	Bad Web Bot Web App Attack
🇺🇸 MPL	2024-02-07 22:45:31 (2 years ago)	tcp/80 (10 or more attempts)	Port Scan
🇩🇪 vtibi	2024-02-07 22:20:17 (2 years ago)	91.92.255.122 - - [07/Feb/2024:23:20:05 +0100] "GET /.git/config HTTP/1.1" 404 397 "-" "python-reque ... show more 91.92.255.122 - - [07/Feb/2024:23:20:05 +0100] "GET /.git/config HTTP/1.1" 404 397 "-" "python-requests/2.28.1" 91.92.255.122 - - [07/Feb/2024:23:20:05 +0100] "GET /.env.prod HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 91.92.255.122 - - [07/Feb/2024:23:20:05 +0100] "POST /.env.prod HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 91.92.255.122 - - [07/Feb/2024:23:20:17 +0100] "GET /laravel/.env HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Web App Attack
🇺🇸 MPL	2024-02-07 22:11:27 (2 years ago)	tcp/80 (8 or more attempts)	Port Scan
🇺🇸 MPL	2024-02-07 20:52:30 (2 years ago)	tcp/80 (2 or more attempts)	Port Scan
🇺🇸 MPL	2024-02-07 20:38:16 (2 years ago)	tcp/80 (10 or more attempts)	Port Scan
🇨🇦 FredoJF	2024-02-07 10:02:29 (2 years ago)	[Wed Feb 07 05:00:54.882861 2024] [php:error] [pid 1383153] [client 91.92.255.122:61844] script '/va ... show more [Wed Feb 07 05:00:54.882861 2024] [php:error] [pid 1383153] [client 91.92.255.122:61844] script '/var/www/html/frontend_dev.php' not found or unable to stat [Wed Feb 07 05:02:10.492595 2024] [php:error] [pid 1383097] [client 91.92.255.122:62651] script '/var/www/html/info.php' not found or unable to stat [Wed Feb 07 05:02:28.790197 2024] [php:error] [pid 1231299] [client 91.92.255.122:50838] script '/var/www/html/phpinfo.php' not found or unable to stat ... show less	Brute-Force Web App Attack
🇦🇺 ozisp.com.au	2024-02-06 17:58:13 (2 years ago)	BG_MNT-NETERRA_<33>1707242291 [1:2031502:4] ET INFO Request to Hidden Environment File - Inbound [Cl ... show more BG_MNT-NETERRA_<33>1707242291 [1:2031502:4] ET INFO Request to Hidden Environment File - Inbound [Classification: Misc activity] [Priority: 3] {TCP} 91.92.255.122:61053 show less	Hacking
🇯🇵 Rcat	2024-02-06 00:47:26 (2 years ago)	91.92.255.122 - - [06/Feb/2024:09:37:21 +0900] "GET /.git/config HTTP/1.1" 400 150 "-" "python-reque ... show more 91.92.255.122 - - [06/Feb/2024:09:37:21 +0900] "GET /.git/config HTTP/1.1" 400 150 "-" "python-requests/2.28.1" 91.92.255.122 - - [06/Feb/2024:09:47:25 +0900] "GET /.env HTTP/1.1" 400 150 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 91.92.255.122 - - [06/Feb/2024:09:47:25 +0900] "POST /.env HTTP/1.1" 400 150 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	DDoS Attack Port Scan Brute-Force Bad Web Bot Web App Attack IoT Targeted
🇮🇪 Jim Keir	2024-01-26 00:21:50 (2 years ago)	2024-01-26 00:21:49 91.92.255.122 File scanning, blocking 91.92.255.122 for 5 minutes	Web App Attack
🇬🇧 SecondEdge	2024-01-25 16:42:30 (2 years ago)	A web attack was detected from 91.92.255.122 (Bulgaria) against 52.215.230.232 (Git Variable Scan).	Web App Attack
🇺🇸 TPI-Abuse	2024-01-25 11:08:49 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 91.92.255.122 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 91.92.255.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 25 06:08:44.009652 2024] [security2:error] [pid 7688:tid 46975638128384] [client 91.92.255.122:52655] [client 91.92.255.122] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.133"] [uri "/.env"] [unique_id "ZbJBPIAZALuCGCrxinbEtQAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-01-25 09:42:29 (2 years ago)	Configuration snooping (/.env): 91.92.255.122 - - [25/Jan/2024:09:42:29 +0000] "GET /.env HTTP/1.1" ... show more Configuration snooping (/.env): 91.92.255.122 - - [25/Jan/2024:09:42:29 +0000] "GET /.env HTTP/1.1" 200 234 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less	Hacking Web App Attack

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 152.32.149.206

🇨🇳 120.48.7.181

🇩🇪 172.217.33.151

🇦🇺 170.64.170.204

🇧🇷 168.196.30.20

🇺🇸 162.216.149.172

🇺🇸 162.216.149.128

🇭🇰 156.59.197.102

🇺🇸 135.119.96.68

🇰🇷 112.216.129.27

🇸🇬 194.164.107.6

🇬🇧 193.176.29.24

🇮🇩 157.15.63.203

🇸🇦 141.179.118.75

🇨🇦 85.217.149.14

🇮🇳 61.3.148.235

🇨🇳 58.242.190.39

🇲🇾 49.125.201.2

🇳🇱 45.148.10.151

🇺🇸 2607:f8b0:400e:c0c::126