JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 92.112.238.223

92.112.238.223 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 12%: ?

12%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62160
Domain Name	netutils.io
Country	🇨🇿 Czechia
City	Prague, Prague

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 92.112.238.223

Whois 92.112.238.223

IP Abuse Reports for 92.112.238.223:

This IP address has been reported a total of 8 times from 5 distinct sources. 92.112.238.223 was first reported on July 1st 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 backslash	2026-06-16 04:18:01 (3 hours ago)	block ruleset 7B8FD6B12C4E12B6F0DAE02E53C0597FBEDDF5BC	Bad Web Bot
🇺🇸 wasuma	2026-05-19 14:14:34 (3 weeks ago)	Honeypot: Apache path traversal RCE — systematic probe for CVE-2021-41773. No payload delivered yet.	Port Scan Web App Attack
🇫🇷 dynamix	2026-04-16 15:22:22 (1 month ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇫🇷 dynamix	2026-04-13 07:11:00 (2 months ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 21:24:02 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 92.112.238.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.112.238.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 17:23:53.807068 2026] [security2:error] [pid 157402:tid 157402] [client 92.112.238.223:59525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nbcnewsradio.com"] [uri "/a.htaccess"] [unique_id "adbHaf-c8E6ALxb3WhFwRAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2026-01-06 20:55:46 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -30.556 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -30.556 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0. show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-12 07:56:11 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 92.112.238.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.112.238.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 12 02:56:05.588295 2025] [security2:error] [pid 6540:tid 6540] [client 92.112.238.223:41455] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.env.www"] [unique_id "aRQ9lTWCtz8OuonM8pX-mAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-01 06:33:29 (11 months ago)	(mod_security) mod_security (id:212620) triggered by 92.112.238.223 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212620) triggered by 92.112.238.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 02:33:21.053894 2025] [security2:error] [pid 32047:tid 32126] [client 92.112.238.223:47409] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|www.kettlehill.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /?s=</script><script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.kettlehill.com"] [uri "/"] [unique_id "aGOBMQF1tdoO2im1K3VsOwAAAJE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 185.94.111.1

🇮🇳 182.95.181.166

🇸🇬 159.223.33.252

🇮🇳 103.132.243.250

🇺🇸 66.132.172.105

🇸🇬 35.247.185.27

🇬🇧 35.203.210.51

🇺🇸 8.234.170.137

🇺🇸 8.234.139.107

🇩🇪 5.231.242.154

🇺🇸 2607:f8b0:4023:1009::120

🇩🇪 194.88.98.91

🇺🇸 172.185.40.47

🇺🇸 149.22.94.50

🇳🇱 91.92.40.10

🇰🇷 43.164.190.238

🇮🇷 2.180.159.220

🇧🇪 198.235.24.172

🇩🇪 193.124.20.229

🇷🇺 178.178.213.224