JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 92.4.69.157

92.4.69.157 was found in our database!

This IP was reported 31 times. Confidence of Abuse is 87%: ?

87%

ISP	Oracle Svenska AB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS31898
Domain Name	oracle.com
Country	🇮🇳 India
City	Mumbai, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 92.4.69.157

Whois 92.4.69.157

IP Abuse Reports for 92.4.69.157:

This IP address has been reported a total of 31 times from 17 distinct sources. 92.4.69.157 was first reported on May 16th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-18 18:20:28 (6 hours ago)	(mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 14:20:21.554571 2026] [security2:error] [pid 31822:tid 31822] [client 92.4.69.157:40572] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.finner.info"] [uri "/.env"] [unique_id "ajQ25ZaAO_aPCQk0pPnZ8gAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 17:23:54 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 13:23:49.855738 2026] [security2:error] [pid 17351:tid 17375] [client 92.4.69.157:52488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.etp.doorways.info"] [uri "/.env"] [unique_id "ajQppdF7pTERWHUAdLAjZgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 16:53:31 (8 hours ago)	(mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 12:53:26.169383 2026] [security2:error] [pid 19500:tid 19500] [client 92.4.69.157:37836] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.encoreporchfest.info"] [uri "/.env"] [unique_id "ajQihs1XIz942o6oMkJRawAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-16 07:06:49 (2 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-16 06:22:39 (2 days ago)	Try to access /.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 19:03:49 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:03:42.862316 2026] [security2:error] [pid 2239:tid 2239] [client 92.4.69.157:59636] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.onlineteacher.info"] [uri "/.env"] [unique_id "ajBMjnSNsO5KC5AWS0Ay7QAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 07:38:33 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:38:27.572870 2026] [security2:error] [pid 28619:tid 28619] [client 92.4.69.157:39500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tand.es"] [uri "/.env"] [unique_id "ai-r875mVN6RUtj7m6noqwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 UMP-PL	2026-06-15 01:49:35 (3 days ago)	Webserver scan (backups, phpadmin, etc.)	Web App Attack
🇨🇦 Roper123	2026-06-15 01:39:07 (3 days ago)	Web exploits	Hacking Web App Attack
🇩🇪 sdos.es	2026-06-14 19:35:21 (4 days ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 12:47:40 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 92.4.69.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:47:37.159350 2026] [security2:error] [pid 25778:tid 25778] [client 92.4.69.157:38392] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "xarq.es"] [uri "/.env"] [unique_id "ai6i6aAsyk1QvysWLPvIxgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 polycoda	2026-06-14 10:57:38 (4 days ago)	⌨️ Probes for /.env everywhere	Hacking Web App Attack
🇩🇪 Vegascosmetics	2026-06-14 10:38:06 (4 days ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇨🇿 sajmon0011	2026-06-14 03:51:15 (4 days ago)	92.4.69.157 - - [14/Jun/2026:05:51:13 +0200] "GET /users/sign_in HTTP/1.1" 404 196 "-" "Mozilla/5.0 ... show more 92.4.69.157 - - [14/Jun/2026:05:51:13 +0200] "GET /users/sign_in HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" ... show less	Web App Attack
🇺🇸 SiliSoftware	2026-06-14 02:04:04 (4 days ago)	/users/sign_in	Web App Attack

Showing 1 to 15 of 31 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 67.213.119.29

🇺🇸 216.218.206.109

🇬🇧 213.166.84.46

🇺🇸 208.84.102.181

🇵🇱 194.180.49.56

🇷🇺 188.243.182.199

🇺🇸 184.105.139.96

🇺🇸 173.252.127.141

🇯🇵 161.33.10.83

🇫🇮 104.245.242.165

🇯🇵 102.204.223.186

🇫🇮 95.214.9.217

🇺🇸 86.104.195.76

🇨🇦 85.217.149.8

🇦🇹 85.124.207.102

🇨🇱 68.211.177.55

🇰🇷 59.8.48.41

🇬🇧 45.198.224.46

🇳🇱 45.142.193.18

🇺🇸 45.132.227.75