JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.204.169.2

116.204.169.2 was found in our database!

This IP was reported 174 times. Confidence of Abuse is 100%: ?

100%

ISP	MOACK DC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS138195
Domain Name	moack.co.kr
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.204.169.2

Whois 116.204.169.2

IP Abuse Reports for 116.204.169.2:

This IP address has been reported a total of 174 times from 113 distinct sources. 116.204.169.2 was first reported on May 20th 2026, and the most recent report was 24 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-08 18:16:16 (24 minutes ago)	(caddyscan) Scanner path probe from 116.204.169.2 (KR/South Korea/-): 5 in the last 3600 secs; Ports ... show more (caddyscan) Scanner path probe from 116.204.169.2 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 116.204.169.2 - - [08/Jun/2026:18:16:09 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [08/Jun/2026:18:16:09 +0000] "GET /.git/HEAD HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [08/Jun/2026:18:16:10 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [08/Jun/2026:18:16:10 +0000] "GET /actuator/env HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [08/Jun/2026:18:16:11 +0000] "GET /.env.production HTTP/1.1" show less	Port Scan
🇬🇧 consul.to	2026-06-07 17:19:09 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 gamabe	2026-06-07 06:21:21 (1 day ago)	Detected crowdsecurity/http-sensitive-files attack pattern. Reported by CrowdSec IDS.	Hacking
🇩🇪 MBombeck	2026-06-07 06:01:16 (1 day ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack
🇺🇸 Rip	2026-06-06 21:29:06 (1 day ago)	Automated recon attempt targeting restricted and sensitive paths.	Web App Attack
Anonymous	2026-06-06 20:05:09 (1 day ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
Anonymous	2026-06-06 18:20:41 (2 days ago)	(caddyscan) Scanner path probe from 116.204.169.2 (KR/South Korea/-): 5 in the last 3600 secs; Ports ... show more (caddyscan) Scanner path probe from 116.204.169.2 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:18:20:39 +0000] "GET /.git/HEAD HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:18:20:39 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:18:20:39 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:18:20:40 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:18:20:40 +0000] "GET /.env.development HTTP/1.1" show less	Port Scan
🇳🇱 BlueWire Hosting	2026-06-06 17:27:42 (2 days ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇩🇪 updown.io	2026-06-06 16:41:08 (2 days ago)	{"level":"info","ts":1780761755.1803496,"logger":"http.log.access.log0","msg":"handled request","req ... show more {"level":"info","ts":1780761755.1803496,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"116.204.169.2","remote_port":"41866","client_ip":"116.204.169.2","proto":"HTTP/1.1","method":"GET","host":"lsmj.status.updown.io","uri":"/.env.backup","headers":{"User-Agent":["Mozilla/5.0 (compatible; Google-CloudVertexBot; +https://cloud.google.com/vertex-ai-bot)"],"Accept-Encoding":["gzip"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"lsmj.status.updown.io","ech":false}},"bytes_read":0,"user_id":"","duration":0.000102315,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}} {"level":"info","ts":1780761755.1803496,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"116.204.169.2","remote_port":"41866","client_ip":"116.204.169.2","proto":"HTTP/1.1","method":"GET","host":"lsmj.status.updown.io","uri":"/.env.backup","headers":{"User-Agent":[ ... show less	DDoS Attack Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-06 10:33:51 (2 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-06-06 10:11:56 (2 days ago)	(caddyscan) Scanner path probe from 116.204.169.2 (KR/South Korea/-): 5 in the last 3600 secs; Ports ... show more (caddyscan) Scanner path probe from 116.204.169.2 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:10:11:51 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:10:11:52 +0000] "GET /.git/HEAD HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:10:11:54 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:10:11:54 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 116.204.169.2 - - [06/Jun/2026:10:11:54 +0000] "GET /.env.backup HTTP/1.1" show less	Port Scan
Anonymous	2026-06-06 03:00:21 (2 days ago)	IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Co ... show more IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Country=KR; ASN=138195 MOACK.Co.LTD show less	Hacking
Anonymous	2026-06-06 02:06:01 (2 days ago)	Unauthorized SSH login attempts	Brute-Force SSH
🇬🇧 thetomtaylor.co.uk	2026-06-06 01:08:01 (2 days ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice02,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇩🇪 keep_out	2026-06-05 22:21:57 (2 days ago)	Probing\(3\) HTTP Ports ...	Bad Web Bot Web App Attack

Showing 1 to 15 of 174 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇦 195.222.57.190

🇰🇷 106.240.29.98

🇮🇩 103.168.135.187

🇫🇷 85.69.240.210

🇺🇸 20.169.107.122

🇹🇭 223.204.220.17

🇺🇸 216.25.89.107

🇬🇧 193.32.209.247

🇻🇳 180.93.43.225

🇺🇸 173.40.205.45

🇮🇹 172.253.12.217

🇩🇪 139.162.143.196

🇰🇷 121.189.226.81

🇨🇳 111.26.63.85

🇱🇹 77.90.185.230

🇺🇸 72.36.15.133

🇳🇱 5.83.143.120

🇫🇮 193.142.36.11

🇲🇽 189.198.137.14

🇬🇧 185.247.137.58