JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 92.112.217.200

92.112.217.200 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS49770
Domain Name	netutils.io
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 92.112.217.200

Whois 92.112.217.200

IP Abuse Reports for 92.112.217.200:

This IP address has been reported a total of 14 times from 5 distinct sources. 92.112.217.200 was first reported on May 30th 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-04-01 14:38:22 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 10:29:08.509352 2026] [security2:error] [pid 31043:tid 31056] [client 92.112.217.200:55577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/wp-content/plugins/simple-file-list/includes/ee-downloader.php"] [unique_id "ac0rtM4zrSKdmLxn1buHWgAAAIE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 12:49:17 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 07:49:13.653306 2026] [security2:error] [pid 483:tid 652] [client 92.112.217.200:59657] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.com"] [uri "/.env."] [unique_id "aX9LyQMxl-cQ0UzvOvSi_QAAAEY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-16 10:05:43 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 05:05:35.924251 2026] [security2:error] [pid 17086:tid 17086] [client 92.112.217.200:42705] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.nbcnewsradio.com"] [uri "/.env.dev"] [unique_id "aWoNb8Tc61reJZ3M88skcgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-12-29 00:53:50 (5 months ago)	(From [email protected]) Para el Responsable de Marketing Hola, Me dedico a optimizar la p ... show more (From [email protected]) Para el Responsable de Marketing Hola, Me dedico a optimizar la presencia digital de negocios y proyectos y quería mostrarle una forma directa de reforzar su presencia digital. Hoy no basta con publicar, hay que amplificar cada acción. Por eso ponemos a disposición soluciones prácticas para aumentar interacción real, con opciones disponibles desde solo 1 $. ¿Por qué trabajar con nosotros? Tenemos experiencia real en crecimiento digital multicanal, y buscamos apoyar el crecimiento sin riesgos innecesarios. Trabajamos con Instagram, YouTube, TikTok, Twitter (X), Facebook, LinkedIn y otras plataformas. Algunos servicios disponibles desde 1 $: - Seguidores en Instagram: Refuerce su presencia inicial - Likes en Instagram: Mejore el alcance de sus publicaciones - Retweets en Twitter: Impulse la circulación de su contenido - Seguidores en Facebook: Apoye el crecimiento de su página - Suscriptores en YouTube: Acompañe el crecimiento orgánico Disponemos de má show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2025-12-03 00:05:42 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 19:05:38.450369 2025] [security2:error] [pid 27506:tid 27506] [client 92.112.217.200:45493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.farmers123.com"] [uri "/.env.stage"] [unique_id "aS9-0qtejQN4o_-vJPP4ngAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 06:26:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:26:17.026951 2025] [security2:error] [pid 30768:tid 30788] [client 92.112.217.200:53201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.com"] [uri "/.env.webmail"] [unique_id "aS01Cf5kVQ-rlVW6wYRxggAAAVA"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 Per-Erik Runebert	2025-11-17 09:39:26 (6 months ago)	Excessive unauthorized requests	Hacking
🇺🇸 TPI-Abuse	2025-10-28 20:23:53 (7 months ago)	(mod_security) mod_security (id:217200) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217200) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 16:23:46.124491 2025] [security2:error] [pid 8139:tid 8139] [client 92.112.217.200:39991] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|mail.nbcnewsradio.com:80\|F\|2"] [data "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "mail.nbcnewsradio.com"] [uri "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [unique_id "aQEmUkngjL3vizJDWxbWQwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 sailor	2025-10-18 18:21:00 (7 months ago)	blocked by firewall for XSS: Cross Site Scripting in query string:	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 14:49:59 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:49:48.815300 2025] [security2:error] [pid 21347:tid 21356] [client 92.112.217.200:47649] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.kettlehill.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.kettlehill.com"] [uri "/mail.kettlehill.com/error.log"] [unique_id "aN0_jDQa5dHzoOSVGKqCwQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-22 20:40:23 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 16:40:03.649520 2025] [security2:error] [pid 1649:tid 1649] [client 92.112.217.200:39089] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.deandobkin.com"] [uri "/.env.production"] [unique_id "aNG0I44LmqkQq463SMzg8gAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 06:41:50 (10 months ago)	(mod_security) mod_security (id:210730) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 02:41:36.029843 2025] [security2:error] [pid 3332372:tid 3332377] [client 92.112.217.200:56355] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kettlehill.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kettlehill.com"] [uri "/main.php.bak"] [unique_id "aIxhoB33aKcnOojmIbhTPAAAAoM"], referer: http://kettlehill.com/main.php.bak show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-02 19:10:02 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 23:29:42 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 92.112.217.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 19:29:39.433487 2025] [security2:error] [pid 814318:tid 814318] [client 92.112.217.200:52719] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.nbcnewsradio.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.nbcnewsradio.com"] [uri "/main.php.bak"] [unique_id "aDo_Y6MsGJoJlnnuurytrAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 193.36.225.244

🇨🇳 116.179.32.103

🇳🇱 89.21.67.157

🇺🇸 68.134.18.123

🇩🇪 51.75.64.35

🇰🇷 49.173.65.19

🇺🇸 47.254.94.232

🇺🇸 45.130.83.110

🇰🇿 178.90.225.181

🇳🇱 176.65.139.216

🇩🇪 176.65.132.149

🇻🇳 160.250.186.97

🇭🇰 101.36.108.191

🇹🇷 88.230.99.122

🇺🇸 66.132.172.227

🇺🇸 50.19.148.86

🇳🇱 2a02:4780:8:1805:0:c6f:68d5:1

🇯🇵 202.212.191.16

🇨🇳 118.145.228.55

🇮🇳 103.54.101.248