JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.92.42.242

91.92.42.242 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 80%: ?

80%

ISP	Euro Crypt EOOD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS209630
Domain Name	evro.net
Country	🇳🇱 Netherlands
City	Rotterdam, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.92.42.242

Whois 91.92.42.242

IP Abuse Reports for 91.92.42.242:

This IP address has been reported a total of 24 times from 15 distinct sources. 91.92.42.242 was first reported on May 28th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 findlab	2026-06-07 05:05:01 (9 hours ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇪🇸 pipeline.es	2026-06-06 11:20:49 (1 day ago)	Web scanning / probing for vulnerable paths	Port Scan Web App Attack
🇪🇸 pipeline.es	2026-06-06 09:39:17 (1 day ago)	Web scanning / probing for vulnerable paths \| URL: /joomla/administrator/ \| Evidence: altovolta.es 9 ... show more Web scanning / probing for vulnerable paths \| URL: /joomla/administrator/ \| Evidence: altovolta.es 91.92.42.242 - - [06/Jun/2026:11:38:45 +0200] \"GET /joomla/administrator/ HTTP/1.1\" 404 219 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36\" GEOIP_COUNTRY_CODE=BG \| Country: SE show less	Port Scan Web App Attack
🇨🇭 Origon	2026-06-06 02:14:46 (1 day ago)	http-admin-interface-probing - IP: 91.92.42.242 - time="2026-06-06T04:14:45+02:00" level=info msg=" ... show more http-admin-interface-probing - IP: 91.92.42.242 - time="2026-06-06T04:14:45+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-admin-interface-probing by ip 91.92.42.242 (SE/0) : 4h ban on Ip 91.92.42.242" module=db show less	Web App Attack
🇦🇹 Pingger Shikkoken	2026-06-06 02:01:50 (1 day ago)	2026-06-06T02:01:50+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-06-06T02:01:50+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=91.92.42.242 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=25347 DF PROTO=TCP SPT=51788 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-06T02:01:51+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=91.92.42.242 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=25348 DF PROTO=TCP SPT=51788 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-06T02:01:52+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=91.92.42.242 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=25349 DF PROTO=TCP SPT=51788 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
Anonymous	2026-06-05 15:06:14 (1 day ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (12/60 min)'; Requests=12	Port Scan
🇯🇵 Valhalla	2026-06-05 13:26:54 (2 days ago)	/administrator/	Hacking Web App Attack
🇺🇸 mnsf	2026-06-04 14:05:58 (3 days ago)	Too many Status 40X (16)	Brute-Force Web App Attack
🇩🇪 EGP Abuse Dept	2026-06-04 08:06:55 (3 days ago)	Scanning for web/db/file exploits on tpc-031.mach3builders.nl	SQL Injection Bad Web Bot Web App Attack
Anonymous	2026-06-04 05:45:55 (3 days ago)	hie-Joomla Admin : try to force the door...	Hacking
🇳🇱 i-turnradio.nl	2026-06-02 16:15:55 (4 days ago)	2026-06-02 @ 18:15:55 (CET) ~ Blocked for trying to access: /administrator/	Web App Attack
🇮🇩 soc-yk	2026-06-01 16:06:13 (5 days ago)	Type: suspicious_network_activity Threat: unknown Risk: 62 Events: 167 Evidence: - Persistent suspi ... show more Type: suspicious_network_activity Threat: unknown Risk: 62 Events: 167 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇪🇸 el-brujo	2026-06-01 14:54:57 (5 days ago)	Cloudflare WAF: Request Path: /portal/administrator/ Request Query: Host: foro.elhacker.net userAge ... show more Cloudflare WAF: Request Path: /portal/administrator/ Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Safari/537.36 Action: block Source: ratelimit ASN Description: LLC VASH KREDIT BANK Country: NL Method: GET Timestamp: 2026-06-01T14:54:57Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
Anonymous	2026-06-01 14:40:56 (5 days ago)	"GET /administrator/index2.php HTTP/1.1"	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-01 12:00:38 (6 days ago)	Mixed case PHP extension detected (PhP, PhP5, Phtml, etc). Threat Score: 7.9/10 (HIGH). Confidence: ... show more Mixed case PHP extension detected (PhP, PhP5, Phtml, etc). Threat Score: 7.9/10 (HIGH). Confidence: 60%. CVSS v3.1: 7.3/10 (High). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 86%. MITRE ATT&CK: T1110 (Brute Force). Tactic: TA0001. Freshness: Moderate. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.122

🇲🇽 186.96.145.241

🇺🇸 172.253.196.22

🇳🇬 102.90.100.240

🇺🇸 2604:a880:400:d1:0:4:8c0c:8001

🇳🇱 185.224.138.102

🇵🇰 153.117.9.64

🇮🇩 103.189.110.48

🇨🇳 101.201.246.14

🇺🇸 64.62.156.83

🇮🇩 46.202.186.249

🇳🇱 45.148.10.147

🇸🇬 43.98.175.35

🇨🇳 27.16.238.28

🇨🇳 14.103.114.221

🇬🇧 5.226.140.109

🇬🇧 5.226.140.73

🇬🇧 213.166.84.54

🇲🇾 202.58.89.98

🇧🇷 191.54.80.93