JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 164.92.252.247

164.92.252.247 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 90%: ?

90%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 164.92.252.247

Whois 164.92.252.247

IP Abuse Reports for 164.92.252.247:

This IP address has been reported a total of 21 times from 19 distinct sources. 164.92.252.247 was first reported on January 26th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 pixiekat	2026-06-17 16:09:18 (1 day ago)	[Wed Jun 17 17:07:18.114729 2026] [authz_core:error] [pid 185036:tid 185143] [client 164.92.252.247: ... show more [Wed Jun 17 17:07:18.114729 2026] [authz_core:error] [pid 185036:tid 185143] [client 164.92.252.247:55496] AH01630: client denied by server configuration: /var/www/html/.env [Wed Jun 17 17:08:07.425046 2026] [authz_core:error] [pid 185037:tid 185113] [client 164.92.252.247:55024] AH01630: client denied by server configuration: /var/www/html/wp-config.php [Wed Jun 17 17:08:35.468273 2026] [authz_core:error] [pid 185036:tid 185143] [client 164.92.252.247:36708] AH01630: client denied by server configuration: /var/www/html/phpinfo.php [Wed Jun 17 17:09:00.659773 2026] [authz_core:error] [pid 185036:tid 185120] [client 164.92.252.247:46220] AH01630: client denied by server configuration: /var/www/html/config [Wed Jun 17 17:09:18.115793 2026] [authz_core:error] [pid 185036:tid 185156] [client 164.92.252.247:35314] AH01630: client denied by server configuration: /var/www/html/includes ... show less	Brute-Force
🇫🇷 dynamix	2026-06-17 08:27:26 (1 day ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 07:20:22 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 164.92.252.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 164.92.252.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 03:20:14.194209 2026] [security2:error] [pid 21806:tid 21806] [client 164.92.252.247:37290] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.17"] [uri "/.git/HEAD"] [unique_id "ajJKrsF6gW2RuLoK4sM_0gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bescared	2026-06-17 07:07:15 (1 day ago)	F2B - Malicious activity detected. Excessive port scans. -c23856ef-	Port Scan
🇦🇺 HostFission	2026-06-17 06:17:29 (1 day ago)	PSAD port scan detected	Port Scan
Anonymous	2026-06-17 05:59:14 (1 day ago)	Port Scan detected from 164.92.252.247 (DE/Germany/-). 5 hits in the last 55 seconds	Brute-Force Port Scan
Anonymous	2026-06-17 05:55:29 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 2087 [2], 2078 [1], 2077 [1], 2095 [1], 2086 [1] ... show more Honeypot hit: Empty payload (likely service probe); 2087 [2], 2078 [1], 2077 [1], 2095 [1], 2086 [1], 2096 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 technash	2026-06-17 03:50:00 (2 days ago)	Port scanning detection [Fortinet/Sentinel]. Deny/drop traffic.	Port Scan
🇺🇸 TPI-Abuse	2026-06-17 03:30:22 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 164.92.252.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 164.92.252.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 23:30:15.817869 2026] [security2:error] [pid 5774:tid 5774] [client 164.92.252.247:40056] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.20"] [uri "/.git/HEAD"] [unique_id "ajIUx8W99DcubYX_67IHTQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 AutosOnShow	2026-06-17 02:21:05 (2 days ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2026-06-17 02:20:08.709 \|	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 01:32:05 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 164.92.252.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 164.92.252.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 21:32:01.897796 2026] [security2:error] [pid 8193:tid 8193] [client 164.92.252.247:40784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.119"] [uri "/.git/HEAD"] [unique_id "ajH5ERGpQbf98h9m_2Gn-AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-17 01:21:17 (2 days ago)	Fail2Ban Log Report 164.92.252.247 - [17/Jun/2026:03:21:14 +0200] "GET /.git/config HTTP/1.1" 301 16 ... show more Fail2Ban Log Report 164.92.252.247 - [17/Jun/2026:03:21:14 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" "-" ... show less	Hacking SQL Injection Web App Attack
🇷🇸 Scan	2026-06-17 00:36:31 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇨🇦 Tanados	2026-06-17 00:17:46 (2 days ago)	Blocked by UFW [2083/tcp] Source port: 34208 TTL: 49 Packet length: 60 TOS: 0x00 This report was ge ... show more Blocked by UFW [2083/tcp] Source port: 34208 TTL: 49 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇯🇵 pixelboost.kr	2026-06-17 00:06:27 (2 days ago)	164.92.252.247 - - [17/Jun/2026:09:06:22 +0900] "GET /.git/refs/heads/master HTTP/1.1" 404 181 "-" " ... show more 164.92.252.247 - - [17/Jun/2026:09:06:22 +0900] "GET /.git/refs/heads/master HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" 164.92.252.247 - - [17/Jun/2026:09:06:26 +0900] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 89.21.67.178

🇸🇬 209.42.27.89

🇺🇸 208.109.191.140

🇨🇴 200.7.106.67

🇳🇱 195.178.110.30

🇧🇷 190.115.84.25

🇭🇰 172.253.6.27

🇮🇹 146.75.186.17

🇳🇱 45.148.10.62

🇺🇸 34.239.185.62

🇺🇸 20.40.216.117

🇺🇸 193.56.116.11

🇦🇷 190.220.172.154

🇲🇴 182.93.7.194

🇧🇩 103.153.171.96

🇳🇱 91.92.40.171

🇮🇳 49.204.138.47

🇨🇳 8.136.189.162

🇩🇪 194.88.98.94

🇳🇱 193.176.31.242