Ridwan Na'im
2025-02-19 09:05:33
(1 month ago)
Multiple web server 400 error codes from same source ip. - Vulnerability Scanning
Hacking
Web App Attack
Bytemark
2025-02-17 12:55:52
(1 month ago)
146.190.92.28 - - [17/Feb/2025:12:55:09 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 5812 "-" "python-requests/2.32.3"
146.190.92.28 - - [17/Feb/2025:12:55:09 +0000] "GET /laravel/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 531 "-" "python-requests/2.32.3"
Brute-Force
Web App Attack
cmbplf
2025-02-17 12:21:08
(1 month ago)
1.026 requests to *.alfa
Brute-Force
Bad Web Bot
robotstxt
2025-02-17 10:34:35
(1 month ago)
146.190.92.28 - - [17/Feb/2025:10:34:26 +0000] "GET /cgi-bin/alfacgiapi/perl.alfa HTTP/1.1" 404 48779 "-" rt="0.310" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36" "-" h="economipedia.com" sn="economipedia.com" ru="/cgi-bin/alfacgiapi/perl.alfa" u="/index.php" ucs="-" ua="unix:/var/run/php/economipedia74.sock" us="404" uct="0.000" urt="0.309"
146.190.92.28 - - [17/Feb/2025:10:34:27 +0000] "GET /cgi-bin/alfacgiapi/perl.alfa HTTP/1.1" 404 48779 "-" rt="0.285" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36" "-" h="economipedia.com" sn="economipedia.com" ru="/cgi-bin/alfacgiapi/perl.alfa" u="/index.php" ucs="-" ua="unix:/var/run/php/economipedia74.sock" us="404" uct="0.000" urt="0.286"
146.190.92.28 - - [17/Feb/2025:10:34:28 +0000] "GET /cgi-bin/a
Bad Web Bot
Ridwan Na'im
2025-02-17 01:53:37
(1 month ago)
Multiple web server 400 error codes from same source ip. - Vulnerability Scanning
Hacking
Web App Attack
mawan
2025-02-16 19:05:40
(1 month ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
zam
2025-02-16 04:19:16
(1 month ago)
146.190.92.28 - - [16/Feb/2025:11:19:01 +0700] "POST /alfacgiapi/perl.alfa HTTP/1.1" 404 404 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36"
146.190.92.28 - - [16/Feb/2025:11:19:01 +0700] "POST /alfacgiapi/perl.alfa HTTP/1.1" 404 403 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36"
146.190.92.28 - - [16/Feb/2025:11:19:02 +0700] "POST /alfacgiapi/bash.alfa HTTP/1.1" 404 403 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36"
146.190.92.28 - - [16/Feb/2025:11:19:02 +0700] "POST /alfacgiapi/bash.alfa HTTP/1.1" 404 403 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KH
Web App Attack
Ridwan Na'im
2025-02-16 00:22:29
(1 month ago)
Multiple web server 400 error codes from same source ip. - Vulnerability Scanning
Hacking
Web App Attack
ps-center
2025-02-15 08:55:48
(1 month ago)
SS5: Web Attack POST /wp-includes/alfacgiapi/perl.alfa
Web Spam
Hacking
Bad Web Bot
Web App Attack
hermawan
2025-02-15 03:49:03
(1 month ago)
[Sat Feb 15 10:49:03.156758 2025] [security2:error] [pid 29877:tid 140404309595840] [client 146.190.92.28:52123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "dev.html" at REQUEST_FILENAME. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "29"] [id "448101"] [msg "BAD REQUEST FILENAME - Detected and Blocked"] [data "Matched Data: dev.html found within REQUEST_FILENAME: /js/fileman/dev.html request_line = GET /js/fileman/dev.html HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/js/fileman/dev.html"] [unique_id "Z7AOr-zz4kKCvb2QDU243AAAAWE"] [staklim-malang.info] [staklim-malang.info] top=[30012] [sykQLC6ymew] [Z7AOr-zz4kKCvb2QDU243AAAAWE] keep_alive=[0] [2025-02-15 10:49:03.156761] [R:Z7AOr-zz4kKCvb2QDU243AAAAWE] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36' Host:'staklim-malang.info' ACCEPT:'*/*' Accept-Encoding:'gzip, defl
Hacking
Web App Attack
Apache
2025-02-14 19:17:11
(1 month ago)
(mod_security) mod_security (id:20000010) triggered by 146.190.92.28 (SG/Singapore/-): 5 in the last 300 secs
Brute-Force
Web App Attack
yukon.ca
2025-02-14 17:58:26
(1 month ago)
Web Server Enforcement Violation: ALFA Webshell Over HTTP
Port:80
Hacking
Exploited Host
Anonymous
2025-02-14 17:18:52
(1 month ago)
$f2bV_matches
Brute-Force
Web App Attack
polycoda
2025-02-14 12:23:12
(1 month ago)
🔥 VERY AGGRESSIVE SCANNER probed over 2500 inexistent files and PHP scripts in less than an hour.
Hacking
Web App Attack
hermawan
2025-02-14 09:54:40
(1 month ago)
[Fri Feb 14 16:54:40.089541 2025] [security2:error] [pid 180813:tid 140349557155520] [client 146.190.92.28:60569] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "dev.html" at REQUEST_FILENAME. [file "/etc/modsecurity/coreruleset-4.10.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "29"] [id "448101"] [msg "BAD REQUEST FILENAME - Detected and Blocked"] [data "Matched Data: dev.html found within REQUEST_FILENAME: /js/fileman/dev.html request_line = GET /js/fileman/dev.html HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/js/fileman/dev.html"] [unique_id "Z68S4F1Fek7SkT_ThfOSkAAAAUA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[180915] [bM3DKf+OBaE] [Z68S4F1Fek7SkT_ThfOSkAAAAUA] keep_alive=[0] [2025-02-14 16:54:40.089551] [R:Z68S4F1Fek7SkT_ThfOSkAAAAUA] UA:'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36' Host:'staklim-jatim.bmkg.go.id' ACCEPT:'*/*' Accep
Hacking
Web App Attack