JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 92.112.189.56

92.112.189.56 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Boston, Massachusetts

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 92.112.189.56

Whois 92.112.189.56

IP Abuse Reports for 92.112.189.56:

This IP address has been reported a total of 43 times from 34 distinct sources. 92.112.189.56 was first reported on June 7th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-08 21:59:50 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07. show less	Web App Attack SSH Hacking
🇨🇦 ISPLtd	2026-06-08 13:05:06 (1 week ago)	Jun 8 10:05:03 92.112.189.56 TCP SPT=63410 DPT=443 SYN Jun 8 10:05:03 92.112.189.56 TCP SPT=63356 ... show more Jun 8 10:05:03 92.112.189.56 TCP SPT=63410 DPT=443 SYN Jun 8 10:05:03 92.112.189.56 TCP SPT=63356 DPT=443 SYN Jun 8 10:05:03 92.112.189.56 TCP SPT=63338 DPT=443 SYN ... show less	DDoS Attack
🇨🇦 Dunham Support	2026-06-08 12:49:04 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 92.112.189.56 (US/United States/-)	SQL Injection
Anonymous	2026-06-08 09:58:35 (1 week ago)	92.112.189.56 - - [08/Jun/2026:09:58:35 +0000] "GET /api/.env.save HTTP/1.1" 404 564 "-" "Mozilla/5. ... show more 92.112.189.56 - - [08/Jun/2026:09:58:35 +0000] "GET /api/.env.save HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 92.112.189.56 - - [08/Jun/2026:09:58:35 +0000] "GET /core/.env HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Web App Attack
🇨🇭 4server	2026-06-08 08:55:21 (1 week ago)	[MonJun0810:55:16.7157732026][security2:error][pid3396618:tid3396754][client92.112.189.56:0]ModSecur ... show more [MonJun0810:55:16.7157732026][security2:error][pid3396618:tid3396754][client92.112.189.56:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"fisioterapiafalzone.ch\"][uri\"/admin/.env\"][unique_id\"aiaDdFtScAacYzw_pV6RYAAAAAA\"] show less	Hacking Web App Attack
🇬🇧 consul.to	2026-06-08 08:03:14 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 todix	2026-06-08 07:53:54 (1 week ago)	Web App Attack Exploid from 92.112.189.56	Web App Attack
🇩🇪 dbmwebdesign	2026-06-08 03:55:20 (1 week ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇳🇱 debestelapp	2026-06-08 02:55:07 (1 week ago)		Web App Attack
🇺🇸 Matthew Ping	2026-06-08 02:30:01 (1 week ago)	ModSecurity rule 949110 triggered on dedicated4785. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇫🇷 masterguru	2026-06-08 01:48:30 (1 week ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
Anonymous	2026-06-07 21:40:47 (1 week ago)	(caddyscan) Scanner path probe from 92.112.189.56 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 92.112.189.56 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 92.112.189.56 - - [07/Jun/2026:21:40:45 +0000] "GET /api/.env HTTP/1.1" [REDACTED] 200 2627 92.112.189.56 - - [07/Jun/2026:21:40:45 +0000] "GET /laravel/.env HTTP/1.1" [REDACTED] 200 2627 92.112.189.56 - - [07/Jun/2026:21:40:45 +0000] "GET /app/.env HTTP/1.1" [REDACTED] 200 2627 92.112.189.56 - - [07/Jun/2026:21:40:45 +0000] "GET /members/.env HTTP/1.1" [REDACTED] 200 2627 92.112.189.56 - - [07/Jun/2026:21:40:45 +0000] "GET /.env HTTP/1.1" show less	Port Scan
🇺🇸 jkhorvath.com	2026-06-07 18:51:54 (1 week ago)	Request for URL /api/.env	Phishing Brute-Force Web App Attack
🇦🇺 paulshipley.com.au	2026-06-07 15:10:52 (1 week ago)	[Mon Jun 08 01:10:51.594685 2026] [security2:error] [pid 923692] [client 92.112.189.56:63470] [clien ... show more [Mon Jun 08 01:10:51.594685 2026] [security2:error] [pid 923692] [client 92.112.189.56:63470] [client 92.112.189.56] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/.env.save"] [unique_id "aiWJ-90OEYjDvbk8j3mVEgAAAAU"], referer: https://focuspromo.com.au/.env.save ... show less	Web App Attack
🇫🇷 masterguru	2026-06-07 12:47:03 (1 week ago)	Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 20.226.2.115

🇭🇰 223.197.248.209

🇵🇰 175.107.32.186

🇨🇳 171.217.92.33

🇯🇵 133.88.121.148

🇱🇹 62.60.130.251

🇱🇹 62.60.130.71

🇰🇷 59.24.133.197

🇳🇱 45.148.10.151

🇺🇸 40.124.175.184

🇨🇦 20.104.75.74

🇺🇸 2604:a880:400:d1:0:4:9882:1

🇩🇪 165.227.172.206

🇵🇭 120.28.197.69

🇧🇩 114.134.95.234

🇺🇸 34.230.221.101

🇨🇭 209.99.190.113

🇦🇷 186.23.209.47

🇨🇳 183.230.155.13

🇧🇷 131.100.46.248