JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.245.92.196

172.245.92.196 was found in our database!

This IP was reported 318 times. Confidence of Abuse is 73%: ?

73%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	172-245-92-196.hinet-ip.hinet.net
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.245.92.196

Whois 172.245.92.196

IP Abuse Reports for 172.245.92.196:

This IP address has been reported a total of 318 times from 88 distinct sources. 172.245.92.196 was first reported on September 14th 2021, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Marten Mark	2026-05-29 13:50:24 (1 week ago)	172.245.92.196 - - [29/May/2026:13:50:23 +0000] "GET /.env HTTP/1.1" 301 166 "-" "Mozilla/5.0 (Macin ... show more 172.245.92.196 - - [29/May/2026:13:50:23 +0000] "GET /.env HTTP/1.1" 301 166 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" ... show less	Web App Attack Bad Web Bot
🇮🇪 eyesilyurt	2026-05-29 12:53:55 (1 week ago)	a- login authenticator failed Incorrect authentication data	Brute-Force SSH
🇮🇪 eyesilyurt	2026-05-29 11:51:29 (1 week ago)	n- login authenticator failed Incorrect authentication data	Brute-Force SSH
🇺🇸 mnsf	2026-05-29 09:05:03 (1 week ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇧🇪 cmbplf	2026-05-23 05:31:47 (2 weeks ago)	162 requests with url.path *.env	Brute-Force Bad Web Bot
🇧🇪 sid3windr	2026-05-20 23:43:49 (2 weeks ago)	GET /.git/config (Tarpitted for 1d15h8m32s, wasted 8.06MB)	Web App Attack
🇧🇪 sid3windr	2026-05-20 19:37:26 (2 weeks ago)	GET /.git/config (Tarpitted for 1d15h8m29s, wasted 8.06MB)	Web App Attack
🇮🇹 Inartis	2026-05-19 09:58:09 (2 weeks ago)	172.245.92.196 - - [19/May/2026:09:58:08 +0000] "GET /.git/config HTTP/1.1" 404 3661 "-" "Mozilla/5. ... show more 172.245.92.196 - - [19/May/2026:09:58:08 +0000] "GET /.git/config HTTP/1.1" 404 3661 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_12) AppleWebKit/618.17.9 (KHTML, like Gecko) Version/17.4 Safari/618.17.9" ... show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 penjaga BRIN	2026-05-19 09:24:00 (2 weeks ago)	Suspicious malicious activity	Hacking
🇫🇮 kumiko	2026-05-19 09:08:51 (2 weeks ago)	[2026-05-19 12:08:50] Probing for dotfiles "GET /.git/config HTTP/1.1" 403	Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-05-19 09:06:01 (2 weeks ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,wa01,wa02]	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 08:23:38 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 172.245.92.196 (172-245-92-196.hinet-ip.hinet.n ... show more (mod_security) mod_security (id:210492) triggered by 172.245.92.196 (172-245-92-196.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 04:23:31.097878 2026] [security2:error] [pid 15862:tid 15862] [client 172.245.92.196:35950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tickets.joelsarakula.com"] [uri "/.git/config"] [unique_id "agweA5Yg-ZInSammC6m8zgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-19 08:15:56 (2 weeks ago)	172.245.92.196 - - [19/May/2026:08:15:56 +0000] "GET /.git/config HTTP/1.1" 301 565 "-" "Mozilla/5.0 ... show more 172.245.92.196 - - [19/May/2026:08:15:56 +0000] "GET /.git/config HTTP/1.1" 301 565 "-" "Mozilla/5.0 (Debian; Linux i686; rv:120.0) Gecko/20100101 Firefox/120.0" ... show less	Brute-Force Web App Attack
🇧🇷 SOC PR	2026-05-19 08:08:10 (2 weeks ago)	IPS: Web Server Exposed Git Repository Information Disclosure.	Hacking
🇫🇷 Dechavanne	2026-05-19 08:00:15 (2 weeks ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack

Showing 1 to 15 of 318 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4001:c76::128

🇳🇱 176.65.139.56

🇵🇭 119.92.251.145

🇷🇺 80.69.186.68

🇧🇭 38.54.2.53

🇹🇼 218.32.108.24

🇺🇸 216.25.89.76

🇬🇧 213.166.84.45

🇲🇻 209.212.196.186

🇸🇪 195.178.191.5

🇷🇺 176.109.97.11

🇮🇩 43.129.33.244

🇻🇳 27.79.6.12

🇩🇪 165.232.125.188

🇺🇸 161.35.7.79

🇵🇰 157.10.227.34

🇨🇳 124.227.31.11

🇰🇷 118.37.214.187

🇻🇳 103.48.192.48

🇷🇴 92.118.39.236