JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 164.92.164.95

164.92.164.95 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 0%: ?

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 164.92.164.95

Whois 164.92.164.95

IP Abuse Reports for 164.92.164.95:

This IP address has been reported a total of 8 times from 6 distinct sources. 164.92.164.95 was first reported on September 16th 2024, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2025-12-21 23:45:00 (5 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇧🇷 somosbr	2025-12-21 08:09:24 (5 months ago)	[2025-12-21T08:09:24Z] Unsolicited scan from 164.92.164.95 to port 8000/tcp	Port Scan
🇺🇸 myagent.site	2024-10-27 09:15:35 (1 year ago)	Blocked user enumeration attempt	Hacking
🇺🇸 TPI-Abuse	2024-10-26 21:38:51 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 164.92.164.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 164.92.164.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 26 17:38:44.637833 2024] [security2:error] [pid 26786:tid 26786] [client 164.92.164.95:41580] [client 164.92.164.95] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.152.176.135 (+1 hits since last alert)\|tttns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tttns.com"] [uri "/xmlrpc.php"] [unique_id "Zx1hZGFUoGNy3C48D2J6iAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-10-16 19:24:28 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 164.92.164.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 164.92.164.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 16 15:24:24.940051 2024] [security2:error] [pid 16475:tid 16475] [client 164.92.164.95:34362] [client 164.92.164.95] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 185.104.184.43 (0+1 hits since last alert)\|www.plazahacienda.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.plazahacienda.com"] [uri "/xmlrpc.php"] [unique_id "ZxAS6MF9a9XFpHkL11TciAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 fynndows.de	2024-09-29 19:42:39 (1 year ago)	Requested URL: /, Method: GET, User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537 ... show more Requested URL: /, Method: GET, User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.86 Safari/537.36 show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-09-29 08:27:35 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-09-16 20:52:02 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 164.92.164.95 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 164.92.164.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 16 16:51:56.471702 2024] [security2:error] [pid 30181:tid 30181] [client 164.92.164.95:43864] [client 164.92.164.95] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 141.98.102.179 (0+1 hits since last alert)\|www.puckerbackbikini.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.puckerbackbikini.com"] [uri "/xmlrpc.php"] [unique_id "ZuiabFnmv5xHGFER_QzX_AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 199.47.82.21

🇺🇸 66.175.220.105

🇸🇬 47.84.111.226

🇲🇾 195.86.192.66

🇮🇳 182.95.181.34

🇳🇱 178.16.53.41

🇺🇸 161.35.124.147

🇨🇳 121.229.25.10

🇧🇩 103.154.158.70

🇦🇺 103.76.236.73

🇳🇱 77.91.71.12

🇨🇳 58.56.151.234

🇺🇸 157.245.114.249

🇫🇮 147.185.133.132

🇳🇱 109.236.50.3

🇮🇳 103.84.236.242

🇱🇺 83.142.209.214

🇦🇷 190.83.64.106

🇮🇳 182.95.228.22

🇧🇬 79.124.62.230