AbuseIPDB » 13.94.125.205

13.94.125.205 was found in our database!

This IP was reported 272 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	Ireland
City	Dublin, Leinster

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 13.94.125.205

Whois 13.94.125.205

IP Abuse Reports for 13.94.125.205:

This IP address has been reported a total of 272 times from 123 distinct sources. 13.94.125.205 was first reported on May 9th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Anonymous	2025-05-18 19:46:41 (3 weeks ago)	$f2bV_matches	Brute-Force
rtbh.com.tr	2025-05-17 20:08:11 (3 weeks ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
librebit	2025-05-16 16:16:15 (4 weeks ago)	Brute force	Brute-Force
tinect	2025-05-16 05:32:58 (4 weeks ago)	tries to find malicious content	Hacking Web App Attack
Site.eu	2025-05-16 05:31:14 (4 weeks ago)	Excessive multi-domain requests	Brute-Force
robotstxt	2025-05-16 05:21:57 (4 weeks ago)	13.94.125.205 - - [16/May/2025:05:21:16 +0000] "GET /cgi-bin/ HTTP/1.1" 404 24309 "-" rt="0.127" "-" ... show more13.94.125.205 - - [16/May/2025:05:21:16 +0000] "GET /cgi-bin/ HTTP/1.1" 404 24309 "-" rt="0.127" "-" "-" h="www.pastafarismo.es" sn="www.pastafarismo.es" ru="/cgi-bin/" u="/index.php" ucs="-" ua="unix:/var/run/php/pastafarismo82.sock" us="404" uct="0.000" urt="0.127" 13.94.125.205 - - [16/May/2025:05:21:17 +0000] "GET /cgi-bin/moon.php HTTP/1.1" 404 24309 "-" rt="0.131" "-" "-" h="www.pastafarismo.es" sn="www.pastafarismo.es" ru="/cgi-bin/moon.php" u="/index.php" ucs="-" ua="unix:/var/run/php/pastafarismo82.sock" us="404" uct="0.000" urt="0.130" 13.94.125.205 - - [16/May/2025:05:21:23 +0000] "GET /mail/ HTTP/1.1" 404 24309 "-" rt="0.100" "-" "-" h="www.pastafarismo.es" sn="www.pastafarismo.es" ru="/mail/" u="/index.php" ucs="-" ua="unix:/var/run/php/pastafarismo82.sock" us="404" uct="0.000" urt="0.100" 13.94.125.205 - - [16/May/2025:05:21:16 +0000] "GET /cgi-bin/ HTTP/1.1" 404 24309 "-" "-" "-" ... show less	Bad Web Bot
FeG Deutschland	2025-05-16 05:02:43 (4 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 7	Exploited Host Web App Attack
robotstxt	2025-05-16 04:54:18 (4 weeks ago)	13.94.125.205 - - [16/May/2025:04:53:37 +0000] "GET /cgi-bin/ HTTP/1.1" 404 31731 "-" rt="0.160" "-" ... show more13.94.125.205 - - [16/May/2025:04:53:37 +0000] "GET /cgi-bin/ HTTP/1.1" 404 31731 "-" rt="0.160" "-" "-" h="xegma.es" sn="xegma.es" ru="/cgi-bin/" u="/index.php" ucs="-" ua="unix:/var/run/php/esther82.sock" us="404" uct="0.000" urt="0.159" 13.94.125.205 - - [16/May/2025:04:53:38 +0000] "GET /cgi-bin/moon.php HTTP/1.1" 404 31731 "-" rt="0.154" "-" "-" h="xegma.es" sn="xegma.es" ru="/cgi-bin/moon.php" u="/index.php" ucs="-" ua="unix:/var/run/php/esther82.sock" us="404" uct="0.000" urt="0.155" 13.94.125.205 - - [16/May/2025:04:53:43 +0000] "GET /mail/ HTTP/1.1" 404 31731 "-" rt="0.162" "-" "-" h="xegma.es" sn="xegma.es" ru="/mail/" u="/index.php" ucs="-" ua="unix:/var/run/php/esther82.sock" us="404" uct="0.000" urt="0.162" 13.94.125.205 - - [16/May/2025:04:53:37 +0000] "GET /cgi-bin/ HTTP/1.1" 404 31731 "-" "-" "-" 13.94.125.205 - - [16/May/2025:04:53:38 +0000] "GET /cgi-bin/moon.php HTTP/1.1" 404 31731 "-" "-" "-" ... show less	Bad Web Bot
paulshipley.com.au	2025-05-16 04:33:41 (4 weeks ago)	levellapromotions.com.au:443 13.94.125.205 - - [16/May/2025:14:32:27 +1000] "GET /aaa.php HTTP/1.1" ... show morelevellapromotions.com.au:443 13.94.125.205 - - [16/May/2025:14:32:27 +1000] "GET /aaa.php HTTP/1.1" 404 144868 "-" "-" levellapromotions.com.au:443 13.94.125.205 - - [16/May/2025:14:32:30 +1000] "GET /file5.php HTTP/1.1" 404 142302 "-" "-" levellapromotions.com.au:443 13.94.125.205 - - [16/May/2025:14:32:32 +1000] "GET /sitemaps.php HTTP/1.1" 404 142305 "-" "-" levellapromotions.com.au:443 13.94.125.205 - - [16/May/2025:14:32:35 +1000] "GET /post.php HTTP/1.1" 404 142301 "-" "-" levellapromotions.com.au:443 13.94.125.205 - - [16/May/2025:14:32:37 +1000] "GET /ioxi-o.php HTTP/1.1" 404 142298 "-" "-" levellapromotions.com.au:443 13.94.125.205 - - [16/May/2025:14:32:40 +1000] "GET /load.php HTTP/1.1" 404 142301 "-" "-" levellapromotions.com.au:443 13.94.125.205 - - [16/May/2025:14:32:42 +1000] "GET /server.php HTTP/1.1" 404 142298 "-" "-" levellapromotions.com.au:443 13.94.125.205 - - [16/May/2025:14:32:45 +1000] "GET /edit.php HTTP/1.1" 404 142301 "-" "-" levellapromotions.com.au:443 13. ... show less	Web App Attack
ipblock.com	2025-05-16 03:37:00 (4 weeks ago)	IPBlock protected site ID [1365-l]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
robotstxt	2025-05-16 02:44:15 (4 weeks ago)	13.94.125.205 - - [16/May/2025:02:43:30 +0000] "GET /cgi-bin/ HTTP/1.1" 404 62185 "-" rt="0.207" "-" ... show more13.94.125.205 - - [16/May/2025:02:43:30 +0000] "GET /cgi-bin/ HTTP/1.1" 404 62185 "-" rt="0.207" "-" "-" h="www.durcal.net" sn="www.durcal.net" ru="/cgi-bin/" u="/index.php" ucs="-" ua="unix:/var/run/php/durcal82.sock" us="404" uct="0.000" urt="0.207" 13.94.125.205 - - [16/May/2025:02:43:30 +0000] "GET /cgi-bin/moon.php HTTP/1.1" 404 62185 "-" rt="0.175" "-" "-" h="www.durcal.net" sn="www.durcal.net" ru="/cgi-bin/moon.php" u="/index.php" ucs="-" ua="unix:/var/run/php/durcal82.sock" us="404" uct="0.000" urt="0.175" 13.94.125.205 - - [16/May/2025:02:43:41 +0000] "GET /mail/ HTTP/1.1" 404 62185 "-" rt="0.154" "-" "-" h="www.durcal.net" sn="www.durcal.net" ru="/mail/" u="/index.php" ucs="-" ua="unix:/var/run/php/durcal82.sock" us="404" uct="0.000" urt="0.153" 13.94.125.205 - - [16/May/2025:02:43:30 +0000] "GET /cgi-bin/ HTTP/1.1" 404 62185 "-" "-" "-" 13.94.125.205 - - [16/May/2025:02:43:30 +0000] "GET /cgi-bin/moon.php HTTP/1.1" 404 62185 "-" "-" "-" ... show less	Bad Web Bot
masterguru	2025-05-16 02:15:31 (4 weeks ago)	Too much 404 requests in 1 hour. Operator GE matched 50 at IP:block_script. (4002-173)	Hacking Web App Attack
rdpguard.com	2025-05-16 02:11:19 (4 weeks ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
URAN Publishing Service	2025-05-16 01:55:20 (4 weeks ago)	13.94.125.205 - - [16/May/2025:04:55:20 +0300] "GET /cgi-bin/ HTTP/1.1" 404 437 "-" "-" ...	Web App Attack
Anonymous	2025-05-16 01:41:06 (4 weeks ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /.well-known/pki-validation/index.php	Web App Attack

Showing 1 to 15 of 272 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

18.214.124.6

103.186.1.172

108.165.238.133

8.216.66.154

162.216.149.176

196.251.70.185

205.210.31.227

92.118.39.34

193.163.125.6

210.236.249.126

104.223.120.159

195.178.110.160

64.33.82.254

117.139.200.157

47.180.114.229

45.39.54.227

107.172.243.131

196.251.92.11

102.39.177.50

27.40.100.155