JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.92.21.204

23.92.21.204 was found in our database!

This IP was reported 197 times. Confidence of Abuse is 32%: ?

32%

ISP	Linode
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	23-92-21-204.ip.linodeusercontent.com
Domain Name	linode.com
Country	🇺🇸 United States of America
City	Cedar Knolls, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.92.21.204

Whois 23.92.21.204

IP Abuse Reports for 23.92.21.204:

This IP address has been reported a total of 197 times from 57 distinct sources. 23.92.21.204 was first reported on July 7th 2021, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-16 03:45:52 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 updown.io	2026-06-15 18:45:47 (3 days ago)	{"level":"info","ts":1781548692.855866,"logger":"http.log.access.log1","msg":"handled request","requ ... show more {"level":"info","ts":1781548692.855866,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"23.92.21.204","remote_port":"44744","client_ip":"23.92.21.204","proto":"HTTP/1.0","method":"GET","host":"","uri":"/","headers":{}},"bytes_read":0,"user_id":"","duration":0.000072619,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https:///"],"Content-Type":[]}} {"level":"info","ts":1781548705.9066849,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"23.92.21.204","remote_port":"41692","client_ip":"23.92.21.204","proto":"HTTP/1.1","method":"GET","host":"tls2.updn.io","uri":"/HNAP1","headers":{"Connection":["close"],"User-Agent":["Mozilla/5.0 (compatible; Nmap Scripting Engine; https://nmap.org/book/nse.html)"]}},"bytes_read":0,"user_id":"","duration":0.000069021,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://tls2.updn.io/HNAP1"],"Content-Type" ... show less	DDoS Attack Web App Attack
🇩🇪 keep_out	2026-06-06 10:50:58 (1 week ago)	Probing\(5\) HTTP Ports ...	Bad Web Bot Web App Attack
🇨🇭 4server	2026-05-24 06:45:34 (3 weeks ago)	[SunMay2408:45:29.2856582026][security2:error][pid2233296:tid2233648][client23.92.21.204:0]ModSecuri ... show more [SunMay2408:45:29.2856582026][security2:error][pid2233296:tid2233648][client23.92.21.204:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mail.4host.biz\"][uri\"/\"][unique_id\"ahKeiRmc6ZyeewKePTTH4wAAARQ\"] show less	Hacking Web App Attack
🇩🇪 marcel-knorr.de	2026-05-10 01:22:01 (1 month ago)	[MK-VM6] Blocked by UFW	Brute-Force Port Scan
🇺🇸 gu-alvareza	2026-05-09 07:05:28 (1 month ago)	Nmap.Script.Scanner	Port Scan
🇩🇪 grassau.com	2026-04-30 21:02:53 (1 month ago)	Port Scan detected from 23.92.21.204 (US/United States/New Jersey/Cedar Knolls/23-92-21-204.ip.lin ... show more Port Scan detected from 23.92.21.204 (US/United States/New Jersey/Cedar Knolls/23-92-21-204.ip.linodeusercontent.com). show less	Port Scan
🇨🇭 4server	2026-04-29 06:14:45 (1 month ago)	[WedApr2908:14:41.6545212026][security2:error][pid102180:tid103490][client23.92.21.204:0]ModSecurity ... show more [WedApr2908:14:41.6545212026][security2:error][pid102180:tid103490][client23.92.21.204:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mail.urbani.ch\"][uri\"/\"][unique_id\"afGh0ZSdzPjeEHRbgXsf9gAAAMo\"] show less	Hacking Web App Attack
🇺🇸 drewf.ink	2026-03-22 06:04:35 (2 months ago)	[06:04] Port scanning. Port(s) scanned: TCP/8443	Port Scan
🇦🇺 trentwiles.com	2026-03-21 03:40:28 (2 months ago)	Unauthorized connection attempt detected from IP address 23.92.21.204 to port 992 [SYD]	Port Scan
🇺🇸 drewf.ink	2026-03-21 03:30:24 (2 months ago)	[03:30] Port scanning. Port(s) scanned: TCP/25	Port Scan
🇺🇸 www.winos.me	2026-03-21 02:24:28 (2 months ago)	port scan	Port Scan
🇺🇸 MirrorImageGaming	2026-03-18 10:06:01 (3 months ago)	Postfix rejected connection US	Hacking
🇸🇪 donarev419	2026-03-10 06:53:25 (3 months ago)	Port scan detected on port 636 (connection without data transfer)	Port Scan
🇫🇷 polido	2026-03-09 12:21:18 (3 months ago)	Unauthorized connection attempt to port 443 from 23.92.21.204	Port Scan

Showing 1 to 15 of 197 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 195.114.26.207

🇸🇬 172.253.211.86

🇬🇧 172.71.241.49

🇦🇺 109.176.39.164

🇮🇳 103.83.128.36

🇨🇦 82.25.172.174

🇮🇹 82.24.152.118

🇧🇪 34.78.36.16

🇻🇳 183.91.11.36

🇺🇸 162.216.150.24

🇮🇩 103.67.80.61

🇫🇷 91.231.89.43

🇬🇧 84.92.61.78

🇺🇸 3.131.220.121

🇷🇼 197.243.14.52

🇫🇮 147.185.133.160

🇰🇷 112.151.178.49

🇮🇳 59.97.252.84

🇩🇪 43.228.157.155

🇺🇸 198.11.178.150