JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 164.92.206.94

164.92.206.94 was found in our database!

This IP was reported 334 times. Confidence of Abuse is 100%: ?

100%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 164.92.206.94

Whois 164.92.206.94

IP Abuse Reports for 164.92.206.94:

This IP address has been reported a total of 334 times from 221 distinct sources. 164.92.206.94 was first reported on April 16th 2025, and the most recent report was 17 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 05:37:52 (2 days ago)	Honeypot hit: HTTP/1.1 request on 1234 GET /solr/admin/info/system User-Agent: Go-http-client/1.1; ... show more Honeypot hit: HTTP/1.1 request on 1234 GET /solr/admin/info/system User-Agent: Go-http-client/1.1; 1234 [6] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇯🇵 Execoop	2026-06-02 05:04:46 (2 days ago)	API honeypot \| LLM Recon (Ollama) \| 3 HTTP, 1s \| tactics: outbound scan \| Ollama: /api/tags,/api/ver ... show more API honeypot \| LLM Recon (Ollama) \| 3 HTTP, 1s \| tactics: outbound scan \| Ollama: /api/tags,/api/version show less	Hacking Web App Attack
🇺🇸 donarev419	2026-06-02 04:55:06 (2 days ago)	Connection to port 9042 with data transfer. Data preview:	Port Scan Hacking
🇿🇦 slartybartfast69420blazit	2026-06-01 20:11:32 (2 days ago)	Fail2ban picked up 164.92.206.94 attacking nginx	Web App Attack
🇺🇸 chronos	2026-06-01 06:22:41 (3 days ago)	[AUTORAVALT][[01/06/2026 - 03:22:41 -03:00 UTC] Attack from [DigitalOcean, LLC] [164.92.206.94] Acti ... show more [AUTORAVALT][[01/06/2026 - 03:22:41 -03:00 UTC] Attack from [DigitalOcean, LLC] [164.92.206.94] Action: BLocKed Phishing -> Phishing websites and/or email. Email Spam -> Spam email content, infected attachments, and phishing emails. Hacking... Unauthorized attempts to access the server. Spoofing -> Email sender spoofing. Brute-Force -> Credential brute-force a] ... show less	Brute-Force Email Spam Spoofing Phishing Hacking
🇩🇪 manuelisus	2026-06-01 06:06:44 (3 days ago)	Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +10: hosting_provider_digital ... show more Honeypot HTTP: +10: honeypot_connection, +15: short_automated_session, +10: hosting_provider_digital, +15: cloud_provider_DigitalOcean, +10: os_server_linux show less	Web App Attack Hacking
🇸🇬 WMK965	2026-05-31 23:15:25 (3 days ago)	164.92.206.94 - - [01/Jun/2026:07:15:24 +0800] "GET /v2/_catalog HTTP/1.1" 444 0 "-" "Go-http-client ... show more 164.92.206.94 - - [01/Jun/2026:07:15:24 +0800] "GET /v2/_catalog HTTP/1.1" 444 0 "-" "Go-http-client/1.1" "-" 164.92.206.94 - - [01/Jun/2026:07:15:24 +0800] "GET /v2/_catalog HTTP/1.1" 444 0 "-" "Go-http-client/1.1" "-" 164.92.206.94 - - [01/Jun/2026:07:15:25 +0800] "GET /v2/_catalog HTTP/1.1" 444 0 "-" "Go-http-client/1.1" "-" show less	Port Scan Web App Attack
🇩🇪 Admins@FBN	2026-05-31 19:57:57 (3 days ago)	Threat Host blocked...	Hacking Web Spam Email Spam Port Scan
🇩🇪 Roper123	2026-05-31 17:34:25 (3 days ago)	Web exploits	Web App Attack
🇩🇪 Justin F. \| AS204464	2026-05-31 17:10:31 (3 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 10250 [1] TCP Reported by: Justi ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 10250 [1] TCP Reported by: Justin F. show less	Port Scan
🇩🇪 dispaisyenterprises	2026-05-31 16:03:45 (3 days ago)	Honeypot [fra-de-honeypot]: HTTP/1.1 request on 18789 GET / User-Agent: Mozilla/5.0 (compatible; Od ... show more Honeypot [fra-de-honeypot]: HTTP/1.1 request on 18789 GET / User-Agent: Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/) Accept: / Accept-Encoding: gzip; 18789 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Bad Web Bot
🇳🇱 ParaBug	2026-05-31 13:34:40 (3 days ago)	164.92.206.94 - - [31/May/2026:15:34:39 +0200] "GET / HTTP/1.0" 400 568 "-" "-" ...	Phishing Brute-Force Web App Attack
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-31 08:47:04 (3 days ago)	Honeypot hit: HTTP/1.1 request on 8500 GET / User-Agent: Mozilla/5.0 (compatible; Odin; https://doc ... show more Honeypot hit: HTTP/1.1 request on 8500 GET / User-Agent: Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/) Accept: / Accept-Encoding: gzip; 8500 [1] TCP show less	Web App Attack
🇹🇼 kk_it_man	2026-05-31 01:20:07 (4 days ago)		Hacking
Anonymous	2026-05-30 21:53:09 (4 days ago)	Reported from Nginx log analysis 17. Log: 164.92.206.94 - - [30/May/2026:xx:xx:xx 0200] "GET / HTTP ... show more Reported from Nginx log analysis 17. Log: 164.92.206.94 - - [30/May/2026:xx:xx:xx 0200] "GET / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (compatible; Odin; https://docs.getodin.com/)" "-" "DE Germany Frankfurt am Main" "AS14061" "DigitalOcean, LLC" show less	Port Scan Brute-Force SSH

Showing 91 to 105 of 334 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.237

🇬🇧 193.163.125.22

🇺🇿 95.46.211.142

🇨🇳 61.169.193.210

🇦🇪 198.38.94.18

🇨🇳 180.100.198.68

🇺🇸 162.241.152.21

🇲🇾 117.53.155.161

🇰🇷 115.178.75.242

🇫🇷 92.205.109.21

🇫🇮 86.54.25.234

🇪🇸 84.246.215.129

🇺🇸 76.74.150.109

🇺🇸 71.6.233.199

🇳🇱 45.148.10.95

🇧🇪 34.156.198.130

🇧🇪 34.52.166.216

🇧🇪 207.175.0.176

🇮🇳 202.141.83.175

🇬🇹 190.104.120.178