JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.220.14.87

192.220.14.87 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 39%: ?

39%

ISP	NTT America, Inc.
Usage Type	Fixed Line ISP
ASN	AS2914
Domain Name	ntt.com
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.220.14.87

Whois 192.220.14.87

IP Abuse Reports for 192.220.14.87:

This IP address has been reported a total of 12 times from 6 distinct sources. 192.220.14.87 was first reported on June 25th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-29 14:00:56 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 192.220.14.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 192.220.14.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 10:00:51.372228 2026] [security2:error] [pid 25965:tid 25965] [client 192.220.14.87:38850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.himba.org.mrcd.org"] [uri "/.env.test"] [unique_id "akJ6k73HiIBrDdJqxKtRKgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 18:15:40 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 192.220.14.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 192.220.14.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 14:15:35.523994 2026] [security2:error] [pid 25776:tid 25776] [client 192.220.14.87:58278] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kurtkaufman.com"] [uri "/.env"] [unique_id "akFkxzwKSrZvNurO-w4raQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-27 13:20:02 (2 days ago)	suspicious request in access.log	Web App Attack
🇺🇸 mnsf	2026-06-27 10:05:32 (2 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-26 22:02:47 (2 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-26 15:55:23 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 192.220.14.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 192.220.14.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 11:55:16.968567 2026] [security2:error] [pid 13805:tid 13805] [client 192.220.14.87:44586] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.unwaved.com"] [uri "/storage/framework/.env"] [unique_id "aj6g5DJFwFlwCgYPgbYQgwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-25 22:03:45 (3 days ago)	Auto-ban: >3000 req/min op 2026-06-25	Web App Attack SSH Hacking
🇺🇸 mnsf	2026-06-25 21:34:56 (3 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
Anonymous	2026-06-25 18:07:02 (4 days ago)	Automated web scanner. Requested suspicious paths: /.env.local. UTC: 2026-06-25 17:21:12.	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 15:38:41 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 192.220.14.87 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 192.220.14.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:38:34.115114 2026] [security2:error] [pid 27759:tid 27759] [client 192.220.14.87:52620] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "quintanotariaconcepcion.cl.tecnoconce.com"] [uri "/.env.production"] [unique_id "aj1LevAKGl33BaEDtT2HyAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-25 15:08:05 (4 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env.production	Web App Attack
🇱🇻 garmtech.com	2026-06-25 15:07:41 (4 days ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env.local	Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 223.17.1.118

🇧🇷 205.210.31.186

🇹🇷 194.146.47.161

🇲🇾 175.141.178.91

🇺🇸 143.198.185.63

🇧🇬 78.128.112.30

🇸🇳 41.82.50.218

🇺🇸 216.16.101.175

🇳🇱 195.178.110.30

🇫🇮 147.185.133.159

🇺🇸 147.185.132.103

🇸🇬 114.119.133.85

🇺🇸 69.171.231.136

🇺🇸 44.153.211.123

🇺🇸 44.56.34.178

🇮🇷 37.255.220.246

🇬🇧 35.203.210.30

🇺🇸 135.119.97.71

🇻🇳 103.228.36.70

🇺🇸 91.230.168.25