JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 92.119.36.130

92.119.36.130 was found in our database!

This IP was reported 387 times. Confidence of Abuse is 31%: ?

31%

ISP	Van Veen Beheer B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	metreon-networks.nl
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 92.119.36.130

Whois 92.119.36.130

IP Abuse Reports for 92.119.36.130:

This IP address has been reported a total of 387 times from 130 distinct sources. 92.119.36.130 was first reported on March 1st 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Octopuce	2026-06-09 13:51:53 (1 week ago)	Aggressive web search of vulnerable pages: /templates/beez/ /css/ /assets/ /wp-content/plugins/wp-th ... show more Aggressive web search of vulnerable pages: /templates/beez/ /css/ /assets/ /wp-content/plugins/wp-theme-editor/ /wp-content/plugins/up/ /fonts/ ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 11:33:43 (1 week ago)	(mod_security) mod_security (id:240000) triggered by 92.119.36.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 92.119.36.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:33:35.418552 2026] [security2:error] [pid 31696:tid 31696] [client 92.119.36.130:60067] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|destructionstudios.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "destructionstudios.com"] [uri "/images/stories/themes.php"] [unique_id "aif6D7rOlV0AmjzunSejTwAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-06 09:33:17 (1 week ago)	Malicious activity detected	Hacking Web App Attack
🇱🇻 garmtech.com	2026-05-30 21:46:21 (2 weeks ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-46.92.119.36.130.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-46.92.119.36.130.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 dtorrer	2026-05-07 05:22:34 (1 month ago)	Client attempted to submit spam on a website post.	Blog Spam
🇺🇸 TPI-Abuse	2026-05-02 15:51:19 (1 month ago)	(mod_security) mod_security (id:234930) triggered by 92.119.36.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:234930) triggered by 92.119.36.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 02 11:51:13.395311 2026] [security2:error] [pid 8558:tid 8558] [client 92.119.36.130:45197] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|www.parkplacemotel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.parkplacemotel.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "afYdcVlkj-xW19RDvoLmFgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-05-02 15:20:34 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇦🇺 Block Rockin' Beats	2026-05-01 05:46:02 (1 month ago)	Scanning forum with forged referal	Hacking Web App Attack
🇱🇻 garmtech.com	2026-04-17 01:21:23 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 04-21.92.119.36.130.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 04-21.92.119.36.130.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 kosada.com	2026-04-11 21:17:46 (2 months ago)	Web vulnerability probing: /wp-includes/Requests/src/Auth/	Web App Attack
🇩🇪 itsolon	2026-04-11 19:23:51 (2 months ago)	[11/Apr/2026:21:23:40 +0200] 177593542011.021928 92.119.36.130 32173 217.154.7.177 80 [11/Apr/2026:2 ... show more [11/Apr/2026:21:23:40 +0200] 177593542011.021928 92.119.36.130 32173 217.154.7.177 80 [11/Apr/2026:21:23:41 +0200] 177593542141.180346 92.119.36.130 32173 217.154.7.177 80 [11/Apr/2026:21:23:45 +0200] 177593542550.760156 92.119.36.130 32173 217.154.7.177 80 [11/Apr/2026:21:23:50 +0200] 177593543051.477742 92.119.36.130 32173 217.154.7.177 80 [11/Apr/2026:21:23:51 +0200] 17759354314.411810 92.119.36.130 32173 217.154.7.177 80 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇺🇸 EGP Abuse Dept	2026-04-11 13:49:00 (2 months ago)	forum signup bot	Web Spam Blog Spam Web App Attack
🇳🇱 wlt-blocker	2026-04-10 21:16:32 (2 months ago)	Unauthorized access to webpage admin	Web App Attack
🇦🇺 oncord	2026-04-10 00:38:33 (2 months ago)	Form spam	Web Spam
🇬🇧 consul.to	2026-04-06 12:09:07 (2 months ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 387 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇪 91.73.90.101

🇫🇷 90.65.67.160

🇫🇮 85.192.49.91

🇨🇳 59.52.101.229

🇮🇩 202.148.26.242

🇧🇪 198.235.24.226

🇮🇩 163.7.9.84

🇨🇳 150.255.100.159

🇺🇸 165.140.238.74

🇨🇳 121.29.84.246

🇺🇸 66.132.186.164

🇺🇸 44.79.12.143

🇸🇬 43.173.181.99

🇺🇸 3.87.27.156

🇺🇸 172.172.186.3

🇧🇷 170.0.112.222

🇨🇳 101.126.4.215

🇸🇬 101.47.15.26

🇷🇴 92.118.39.62

🇧🇪 198.235.24.150