JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.92.42.243

91.92.42.243 was found in our database!

This IP was reported 1,305 times. Confidence of Abuse is 100%: ?

100%

ISP	Euro Crypt EOOD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS209630
Domain Name	evro.net
Country	🇳🇱 Netherlands
City	Rotterdam, South Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.92.42.243

Whois 91.92.42.243

IP Abuse Reports for 91.92.42.243:

This IP address has been reported a total of 1,305 times from 232 distinct sources. 91.92.42.243 was first reported on May 25th 2026, and the most recent report was 15 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 AS213449.net	2026-05-26 04:58:57 (1 week ago)	05/26/2026-06:58:53.793532 src=91.92.42.243 dst=89.144.63.69:5432 proto=6 msg=ET SCAN Suspicious inb ... show more 05/26/2026-06:58:53.793532 src=91.92.42.243 dst=89.144.63.69:5432 proto=6 msg=ET SCAN Suspicious inbound to PostgreSQL port 5432 show less	SQL Injection
🇨🇦 lakered	2026-05-26 04:56:25 (1 week ago)	Detectors: [NGINX] \| Reasons: Automated scan targeting an unauthorized host or default server sinkho ... show more Detectors: [NGINX] \| Reasons: Automated scan targeting an unauthorized host or default server sinkhole \| Nginx: Default server trap hit \| Tech Evidence: JA4: t13i1909h2 \| UA: check-host.cc Intel Platform (https://check-host.cc/about/scan-infra; [email protected]) show less	Port Scan Bad Web Bot Exploited Host
🇦🇺 FEWA	2026-05-26 04:46:56 (1 week ago)	Fail2Ban Ban Triggered	Hacking Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-05-26 04:43:25 (1 week ago)	LF_EXIMSYNTAX: (eximsyntax) Exim syntax errors from 91.92.42.243 (BG/Bulgaria/-): 1 in the last 3600 ... show more LF_EXIMSYNTAX: (eximsyntax) Exim syntax errors from 91.92.42.243 (BG/Bulgaria/-): 1 in the last 3600 secs show less	Brute-Force
🇩🇪 AS213449.net	2026-05-26 04:39:37 (1 week ago)	05/26/2026-06:39:34.247603 src=91.92.42.243 dst=89.144.63.175:3306 proto=6 msg=ET SCAN Suspicious in ... show more 05/26/2026-06:39:34.247603 src=91.92.42.243 dst=89.144.63.175:3306 proto=6 msg=ET SCAN Suspicious inbound to mySQL port 3306 show less	SQL Injection
Anonymous	2026-05-26 04:39:02 (1 week ago)	May 26 00:38:53 localhost kernel: [108115664.356566] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more May 26 00:38:53 localhost kernel: [108115664.356566] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=91.92.42.243 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=1634 PROTO=TCP SPT=61430 DPT=27017 WINDOW=1024 RES=0x00 SYN URGP=0 May 26 00:38:53 localhost kernel: [108115664.356790] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=91.92.42.243 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=240 ID=1634 PROTO=TCP SPT=61430 DPT=27017 SEQ=2733838229 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 May 26 00:39:02 localhost kernel: [108115673.607397] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=91.92.42.243 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=491 PROTO=TCP SPT=61080 DPT=27017 WINDOW=1024 RES=0x00 SYN URGP=0 May 26 00:39:02 localhost kernel: [108115673.607437] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=91.92.42.243 DST=[mungedIP2] LEN=40 TOS=0x00 P show less	Port Scan
🇩🇪 ValtonTahiri	2026-05-26 04:34:45 (1 week ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=91.92.42.243; proto=TCP; source_port=61481; target_port=23; flags=SYN show less	Port Scan
🇺🇸 LSPCCU	2026-05-26 04:32:13 (1 week ago)	TSEC Honeypot Network report. Threat score: 100/100. Categories: Port Scan, Hacking, Brute-Force, We ... show more TSEC Honeypot Network report. Threat score: 100/100. Categories: Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: ssh-telnet, cowrie. Context: Attacker IP from Bulgaria (AS209630, LLC Vash Kredit Bank). show less	Port Scan Hacking Brute-Force Web App Attack SSH
🇫🇷 ISPLtd	2026-05-26 04:25:37 (1 week ago)	May 26 01:25:37 91.92.42.243 TCP SPT=61470 DPT=22 SYN ...	Port Scan SSH
🇮🇹 Progetto1	2026-05-26 04:25:03 (1 week ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-05-26 04:24:16 (1 week ago)	Unauthorized access (tcp/22/ssh)	Port Scan SSH
🇺🇸 xmission.com	2026-05-26 04:14:41 (1 week ago)	Blocked by UFW (TCP on 443) Source port: 61007 TTL: 238 Packet length: 40 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 443) Source port: 61007 TTL: 238 Packet length: 40 TOS: 0x00 This report (for 91.92.42.243) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 RAP	2026-05-26 04:13:19 (1 week ago)	2026-05-26 04:13:19 UTC Unauthorized activity to TCP port 3306.	Port Scan
🇩🇪 AS213449.net	2026-05-26 04:07:46 (1 week ago)	05/26/2026-06:07:43.299775 src=91.92.42.243 dst=5.175.170.185:3306 proto=6 msg=ET SCAN Suspicious in ... show more 05/26/2026-06:07:43.299775 src=91.92.42.243 dst=5.175.170.185:3306 proto=6 msg=ET SCAN Suspicious inbound to mySQL port 3306 show less	SQL Injection
🇩🇪 lister171254	2026-05-26 04:04:45 (1 week ago)	May 26 06:04:45 imap-login: Info: Disconnected: Too many invalid commands (no auth attempts in 0 sec ... show more May 26 06:04:45 imap-login: Info: Disconnected: Too many invalid commands (no auth attempts in 0 secs): user=<>, rip=91.92.42.243, lip=45.92.8.208, TLS, TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) ... show less	Brute-Force

Showing 1201 to 1215 of 1305 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.206

🇺🇸 159.89.226.194

🇷🇴 80.94.92.182

🇳🇱 45.148.10.151

🇱🇹 2a02:4780:9:1024:0:614:eb00:1

🇨🇳 223.223.199.221

🇫🇷 141.94.194.132

🇺🇸 65.49.1.176

🇩🇪 43.165.3.187

🇧🇷 34.95.171.33

🇺🇸 20.65.193.168

🇺🇸 166.239.184.117

🇮🇳 152.32.158.74

🇰🇷 118.37.214.187

🇺🇸 109.105.209.9

🇬🇧 87.236.176.46

🇲🇰 77.29.164.61

🇺🇸 64.62.156.119

🇵🇭 49.149.182.75

🇳🇱 185.223.235.7