JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.47.57.94

202.47.57.94 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 72%: ?

72%

ISP	Cyber Internet Services Pakistan
Usage Type	Fixed Line ISP
ASN	AS9541
Domain Name	cyber.net.pk
Country	🇵🇰 Pakistan
City	Sukkur, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.47.57.94

Whois 202.47.57.94

IP Abuse Reports for 202.47.57.94:

This IP address has been reported a total of 51 times from 23 distinct sources. 202.47.57.94 was first reported on April 30th 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-04 05:32:36 (2 days ago)	Firewall - Suricata IDS [Priority 2 - High]: ET EXPLOIT Netgear DGN Remote Command Execution	Port Scan Hacking Web App Attack
🇫🇮 6kilowatti	2026-06-02 09:15:32 (3 days ago)	2026-06-02T12:15:32.010394+03:00 koti kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:bd:29:2d:18:f ... show more 2026-06-02T12:15:32.010394+03:00 koti kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:bd:29:2d:18:fd:74:70:71:9e:08:00 SRC=202.47.57.94 DST=10.0.0.30 LEN=40 TOS=0x00 PREC=0x00 TTL=53 ID=50627 PROTO=TCP SPT=62609 DPT=23 WINDOW=21040 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇦🇹 urnilxfgbez	2026-06-01 22:45:00 (4 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 security.rdmc.fr	2026-06-01 17:14:42 (4 days ago)	Port Scan Attack proto:TCP src:62397 dst:23	Port Scan
🇦🇺 dyln	2026-06-01 11:09:51 (4 days ago)	Dyls honeypot brute-force: Telnet (1 total hits)	Brute-Force
🇬🇧 PeravixGroup	2026-06-01 00:15:57 (5 days ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇦🇹 urnilxfgbez	2026-05-26 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇮🇹 Inartis	2026-05-26 16:01:39 (1 week ago)	202.47.57.94 - - [26/May/2026:18:01:27 +0200] "POST /HNAP1/ HTTP/1.0" 408 485 "-" "-" ...	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-26 07:48:20 (1 week ago)	Blocked by UFW (TCP on 23) Source port: 61943 TTL: 47 Packet length: 40 TOS: 0x08 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 61943 TTL: 47 Packet length: 40 TOS: 0x08 This report (for 202.47.57.94) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇬🇧 PeravixGroup	2026-05-25 19:01:35 (1 week ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇬🇧 PeravixGroup	2026-05-20 19:54:38 (2 weeks ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
🇺🇸 MPL	2026-05-20 07:19:37 (2 weeks ago)	tcp/23 (2 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-05-18 12:54:51 (2 weeks ago)	Honeypot detection: Mozi IoT botnet payload delivery / infection attempt on port 8080. Severity: CRI ... show more Honeypot detection: Mozi IoT botnet payload delivery / infection attempt on port 8080. Severity: CRITICAL. Aaran.cloud show less	Hacking IoT Targeted
🇺🇸 itsnixk	2026-05-18 04:28:11 (2 weeks ago)	(mod_security) mod_security (id:920280) triggered by 202.47.57.94 (PK/Pakistan/-): 1 in the last 360 ... show more (mod_security) mod_security (id:920280) triggered by 202.47.57.94 (PK/Pakistan/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon May 18 00:28:07.442927 2026] [security2:error] [pid 396883:tid 397389] [client 202.47.57.94:62850] ModSecurity: Access denied with code 406 (phase 1). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "567"] [id "920280"] [msg "Request Missing a Host Header"] [severity "CRITICAL"] [ver "OWASP_CRS/4.25.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/boaform/admin/formLogin"] [unique_id "agqVV-gXQNoLSg8DfAkSawAAAGw"] show less	Port Scan
🇺🇸 MPL	2026-05-18 04:21:19 (2 weeks ago)	tcp/23	Port Scan

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 172.193.184.42

🇭🇰 154.81.14.172

🇨🇭 179.43.168.58

🇧🇷 177.22.44.30

🇺🇸 162.141.167.4

🇺🇸 138.68.61.2

🇨🇳 112.46.212.141

🇰🇷 106.243.155.71

🇺🇸 104.177.204.122

🇫🇷 104.23.229.144

🇺🇸 64.62.197.78

🇳🇱 45.198.224.5

🇪🇸 31.24.155.180

🇵🇱 194.180.49.245

🇺🇸 109.105.210.38

🇺🇸 104.37.27.7

🇮🇳 103.249.80.116

🇮🇳 103.114.221.178

🇨🇦 45.194.92.20

🇲🇿 41.220.200.74