JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 92.249.46.2

92.249.46.2 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 100%: ?

100%

ISP	Hostinger International Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	hostinger.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 92.249.46.2

Whois 92.249.46.2

IP Abuse Reports for 92.249.46.2:

This IP address has been reported a total of 33 times from 22 distinct sources. 92.249.46.2 was first reported on June 6th 2026, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-07 22:07:47 (22 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-06. show less	Web App Attack SSH Hacking
🇨🇦 polycoda	2026-06-07 19:55:22 (1 day ago)	AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 17:36:14 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 92.249.46.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 92.249.46.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:36:08.273695 2026] [security2:error] [pid 27787:tid 27787] [client 92.249.46.2:52346] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emelecsrl.com"] [uri "/laravel/.env"] [unique_id "aiWsCMvX3CdibtkRD3EFpQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-07 16:26:45 (1 day ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 14:08:14 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 92.249.46.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 92.249.46.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 10:08:10.578127 2026] [security2:error] [pid 10141:tid 10141] [client 92.249.46.2:42684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "helpkccare.org"] [uri "/app/.env"] [unique_id "aiV7SmAjGM8qVSgfP08MggAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 sthoyer.de	2026-06-07 12:25:35 (1 day ago)	92.249.46.2 - - [07/Jun/2026:14:25:33 +0200] "GET /laravel/.env HTTP/1.1" 302 794 "-" "Mozilla/5.0 ( ... show more 92.249.46.2 - - [07/Jun/2026:14:25:33 +0200] "GET /laravel/.env HTTP/1.1" 302 794 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 92.249.46.2 - - [07/Jun/2026:14:25:33 +0200] "GET /app/.env HTTP/1.1" 302 794 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 92.249.46.2 - - [07/Jun/2026:14:25:33 +0200] "GET /backend/.env HTTP/1.1" 302 794 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Web App Attack
🇳🇱 Eric	2026-06-07 11:41:21 (1 day ago)	[Sun Jun 07 11:41:21.073805 2026] [security2:error] [pid 2568188:tid 2568188] [client 92.249.46.2:20 ... show more [Sun Jun 07 11:41:21.073805 2026] [security2:error] [pid 2568188:tid 2568188] [client 92.249.46.2:20152] [client 92.249.46.2] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "fambus.nl"] [uri "/.env.save"] [unique_id "aiVY4akSiF0n6oJJR6fVhwAAAAQ"] [Sun Jun 07 11:41:21.090427 2026] [security2:error] [pid 2420350:tid 2420350] [client 92.249.46.2:20208] [client 92.249.46.2] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity " ... show less	Hacking Web App Attack
🇳🇱 wlt-blocker	2026-06-07 11:09:45 (1 day ago)	Unauthorized access to webpage admin	Web App Attack
🇸🇪 nekopavel	2026-06-07 10:35:34 (1 day ago)	92.249.46.2 - - [07/Jun/2026:12:35:30 +0200]"GET /.env HTTP/1.1" 404 1183"-" uwu.so "Mozilla/5.0 (Ma ... show more 92.249.46.2 - - [07/Jun/2026:12:35:30 +0200]"GET /.env HTTP/1.1" 404 1183"-" uwu.so "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36""0.017" "0.000""Mumbai" "IN" 92.249.46.2 - - [07/Jun/2026:12:35:30 +0200]"GET /.env.save HTTP/1.1" 404 1183"-" uwu.so "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36""0.018" "0.000""Mumbai" "IN" 92.249.46.2 - - [07/Jun/2026:12:35:30 +0200]"GET /core/.env.save HTTP/1.1" 404 1183"-" uwu.so "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36""0.009" "0.000""Mumbai" "IN" ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 10:29:04 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 92.249.46.2 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 92.249.46.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 06:28:56.846588 2026] [security2:error] [pid 7497:tid 7497] [client 92.249.46.2:30654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcthorpe.com"] [uri "/backend/.env"] [unique_id "aiVH6Mke7gv5HSxTjc-GngAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 07:19:23 (1 day ago)	(caddyscan) Scanner path probe from 92.249.46.2 (IN/India/-): 5 in the last 3600 secs; Ports: ; Dir ... show more (caddyscan) Scanner path probe from 92.249.46.2 (IN/India/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 92.249.46.2 - - [07/Jun/2026:07:19:22 +0000] "GET /dev/.env HTTP/1.1" [REDACTED] 200 2627 92.249.46.2 - - [07/Jun/2026:07:19:22 +0000] "GET /.env.save HTTP/1.1" [REDACTED] 200 2627 92.249.46.2 - - [07/Jun/2026:07:19:22 +0000] "GET /api/.env.save HTTP/1.1" [REDACTED] 200 2627 92.249.46.2 - - [07/Jun/2026:07:19:22 +0000] "GET /core/.env HTTP/1.1" [REDACTED] 200 2627 92.249.46.2 - - [07/Jun/2026:07:19:22 +0000] "GET /core/.env.save HTTP/1.1" show less	Port Scan
Anonymous	2026-06-07 06:05:46 (1 day ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=13	Hacking
🇨🇭 Origon	2026-06-07 05:24:43 (1 day ago)	http-sensitive-files - IP: 92.249.46.2 - time="2026-06-07T07:24:43+02:00" level=info msg="(555f66b4 ... show more http-sensitive-files - IP: 92.249.46.2 - time="2026-06-07T07:24:43+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 92.249.46.2 (US/0) : 4h ban on Ip 92.249.46.2" module=db show less	Web App Attack
🇺🇸 walnuts	2026-06-07 03:50:29 (1 day ago)	Automated: Triggered nginx security jail (nginx-444) - probing blocked paths on web server	Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-06-07 03:01:59 (1 day ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 185.227.153.56

🇨🇳 47.95.207.149

🇺🇸 43.166.137.151

🇨🇳 36.140.29.110

🇪🇸 31.24.155.180

🇶🇦 2600:1900:4260:40e::27

🇺🇸 174.76.38.124

🇺🇸 162.216.150.36

🇸🇦 143.92.135.86

🇨🇳 101.126.64.76

🇺🇸 34.42.34.237

🇰🇷 14.51.86.78

🇮🇪 3.253.241.6

🇰🇷 222.108.100.117

🇳🇱 185.223.235.12

🇵🇱 81.210.53.105

🇩🇪 69.5.169.121

🇺🇸 66.132.172.193

🇺🇸 38.148.249.2

🇫🇷 31.36.163.95