JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 92.113.115.226

92.113.115.226 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 4%: ?

ISP	JSC Ukrtelecom
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20853
Domain Name	ukrtelecom.ua
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 92.113.115.226

Whois 92.113.115.226

IP Abuse Reports for 92.113.115.226:

This IP address has been reported a total of 8 times from 3 distinct sources. 92.113.115.226 was first reported on March 18th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 bigorre.org	2026-06-15 14:54:54 (1 day ago)	Excessive crawling : exceed crawl-delay defined in robots.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-01-17 05:29:31 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 00:29:23.108401 2026] [security2:error] [pid 18690:tid 18690] [client 92.113.115.226:37805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/htaccess_for_page_not_found_redirects.htaccess"] [unique_id "aWseM233PXa6iJLxb9P7GAAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 17:34:06 (5 months ago)	(mod_security) mod_security (id:217200) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217200) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 12:32:01.267540 2025] [security2:error] [pid 27849:tid 28211] [client 92.113.115.226:52885] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|kettlehill.net\|F\|2"] [data "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "kettlehill.net"] [uri "/cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh"] [unique_id "aVK7EVQ7a22kNO2lY86YIwAAAMs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:10:37 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:10:20.208121 2025] [security2:error] [pid 20152:tid 20152] [client 92.113.115.226:52525] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php/component/chronoforums2/profiles/avatar/u1?tvout=file&av=../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/index.php/component/chronoforums2/profiles/avatar/u1"] [unique_id "aRWgfJXH3_PJYZHx7j1rQQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 00:45:27 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 20:45:21.737349 2025] [security2:error] [pid 404370:tid 404569] [client 92.113.115.226:49267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.staging.kettlehill.com"] [uri "/wp-config.php"] [unique_id "aIV2ocy-cZtwxEkIWL8sLwAAANA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 16:21:25 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 12:21:11.646031 2025] [security2:error] [pid 2964164:tid 2964164] [client 92.113.115.226:47417] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.farmers123.com"] [uri "/wp-config.php.bak"] [unique_id "aDiJd1LEozcCn0aDQtekOAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-19 03:03:18 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 92.113.115.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 18 23:02:56.680104 2025] [security2:error] [pid 14944:tid 14955] [client 92.113.115.226:51685] [client 92.113.115.226] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|blog.spinningdesigns.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blog.spinningdesigns.com"] [uri "/"] [unique_id "aAMSYKlkjOMtrQ4IEmndLAAAAEc"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-18 10:00:07 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 210.113.221.2

🇩🇪 194.88.98.114

🇺🇸 162.216.149.187

🇮🇳 117.245.139.85

🇮🇩 103.166.26.119

🇮🇩 103.164.57.37

🇻🇳 103.48.192.48

🇨🇦 72.251.8.119

🇳🇱 64.225.74.178

🇺🇸 47.251.176.101

🇸🇬 47.84.203.75

🇳🇱 45.153.34.71

🇬🇧 35.203.210.180

🇺🇸 216.25.89.107

🇪🇹 196.189.104.106

🇧🇷 189.126.44.189

🇲🇽 187.189.128.129

🇺🇸 172.232.15.250

🇮🇹 158.173.77.220

🇧🇷 152.67.46.203