JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 141.101.105.116

141.101.105.116 was found in our database!

This IP was reported 117 times. Confidence of Abuse is 0%: ?

ISP	CloudFlare CDN network
Usage Type	Data Center/Web Hosting/Transit
ASN	AS13335
Domain Name	cloudflare.com
Country	🇦🇹 Austria
City	Vienna, State of Vienna

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 141.101.105.116 is an IP address from within our whitelist belonging to the subnet 141.101.64.0/18, which we identify as: "Cloudflare Reverse Proxy".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 141.101.105.116

Whois 141.101.105.116

IP Abuse Reports for 141.101.105.116:

This IP address has been reported a total of 117 times from 25 distinct sources. 141.101.105.116 was first reported on December 28th 2020, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 Prcek	2026-06-20 16:58:12 (1 week ago)	PortScan:HOST=141.101.105.116,DPORTS=443	Port Scan
🇺🇦 URAN Publishing Service	2026-03-21 16:22:48 (3 months ago)	141.101.105.116 - - [21/Mar/2026:18:22:47 +0200] "GET /backend/.env HTTP/1.1" 404 282 "-" "-" 141.10 ... show more 141.101.105.116 - - [21/Mar/2026:18:22:47 +0200] "GET /backend/.env HTTP/1.1" 404 282 "-" "-" 141.101.105.116 - - [21/Mar/2026:18:22:48 +0200] "GET /admin/.env HTTP/1.1" 404 282 "-" "-" ... show less	Web App Attack
🇷🇴 ReporTR	2026-02-06 23:57:21 (4 months ago)	Repeated malicious activity detected by Fail2Ban jail 'plesk-apache'. TCP connection completed. IP b ... show more Repeated malicious activity detected by Fail2Ban jail 'plesk-apache'. TCP connection completed. IP banned. show less	Hacking Web App Attack
🇺🇦 URAN Publishing Service	2025-08-24 21:28:23 (10 months ago)	141.101.105.116 - - [25/Aug/2025:00:28:22 +0300] "GET /wp-includes/sitemaps/ HTTP/1.1" 404 280 "-" " ... show more 141.101.105.116 - - [25/Aug/2025:00:28:22 +0300] "GET /wp-includes/sitemaps/ HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" 141.101.105.116 - - [25/Aug/2025:00:28:22 +0300] "GET /wp-includes/sitemaps/providers/ HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0" ... show less	Web App Attack
Anonymous	2025-07-21 02:38:52 (11 months ago)	wp admin page access attempt ...	Hacking Web App Attack
🇺🇸 TPI-Abuse	2025-05-04 21:19:53 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 141.101.105.116 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 141.101.105.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 04 17:19:46.120247 2025] [security2:error] [pid 3206218:tid 3206218] [client 141.101.105.116:48828] [client 141.101.105.116] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 77.38.105.157 (0+1 hits since last alert)\|rodrigoaldecoa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodrigoaldecoa.com"] [uri "/xmlrpc.php"] [unique_id "aBfZ8r8_ZoBCEgxpSta5KQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2025-03-17 12:44:16 (1 year ago)	Multiple WAF Violations	Web App Attack
🇩🇪 paissangroup	2025-03-07 12:20:19 (1 year ago)	Multiple WAF Violations	Web App Attack
🇩🇪 paissangroup	2025-03-05 10:11:50 (1 year ago)	Multiple WAF Violations	Web App Attack
🇩🇪 paissangroup	2025-03-03 07:54:58 (1 year ago)	Multiple WAF Violations	Web App Attack
🇩🇪 paissangroup	2025-03-01 06:52:30 (1 year ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2025-02-23 22:35:09 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 141.101.105.116 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 141.101.105.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 23 17:35:00.167842 2025] [security2:error] [pid 27251:tid 27251] [client 141.101.105.116:14108] [client 141.101.105.116] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.camel24.cc"] [uri "/admin/.env"] [unique_id "Z7uilNIWNZ0stJrEmMU5QgAAAAY"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 Proxay Fox	2024-12-31 05:55:23 (1 year ago)	141.101.105.116 - - [31/Dec/2024:15:47:34 +1000] "POST /wp-login.php HTTP/2.0" 200 3085 "-" "Mozilla ... show more 141.101.105.116 - - [31/Dec/2024:15:47:34 +1000] "POST /wp-login.php HTTP/2.0" 200 3085 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" "45.130.145.4" 300 3528 TLSv1.3/TLS_AES_128_GCM_SHA256 . 694a656840fb9a17c8a811319c791031550126539bc99000a3cd1c2032102afc 141.101.105.116 - - [31/Dec/2024:15:47:37 +1000] "POST /wp-login.php HTTP/2.0" 200 3085 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "45.130.145.4" 166 3528 TLSv1.3/TLS_AES_128_GCM_SHA256 . 694a656840fb9a17c8a811319c791031550126539bc99000a3cd1c2032102afc 141.101.105.116 - - [31/Dec/2024:15:47:48 +1000] "POST /wp-login.php HTTP/2.0" 200 3056 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "45.130.145.4" 85 3499 TLSv1.3/TLS_AES_128_GCM_SHA256 . 694a656840fb9a17c8a811319c791031550126539bc99000a3cd1c2032102afc 141.101.105.116 - - [31/Dec/2024:15:52:28 +10 ... show less	Brute-Force
🇺🇸 TPI-Abuse	2024-11-02 12:59:15 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 141.101.105.116 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 141.101.105.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 02 08:59:12.170881 2024] [security2:error] [pid 1191345:tid 1191345] [client 141.101.105.116:60610] [client 141.101.105.116] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rodrigoaldecoa.com"] [uri "/crm/.env"] [unique_id "ZyYiIOpvEiI8p4wCpJkATwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-10-17 05:09:43 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 117 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 202.152.201.166

🇦🇷 186.148.224.83

🇸🇬 94.231.206.128

🇫🇷 85.217.140.25

🇳🇱 45.156.87.254

🇺🇸 43.224.66.196

🇰🇷 121.184.144.232

🇯🇵 104.46.228.53

🇩🇪 92.215.175.9

🇮🇹 84.247.195.250

🇨🇳 220.178.246.43

🇲🇴 182.93.50.90

🇩🇪 159.65.120.213

🇺🇸 107.150.101.57

🇱🇻 81.30.98.62

🇳🇱 45.156.87.34

🇳🇱 45.148.10.141

🇺🇸 44.16.156.249

🇨🇳 43.226.37.33

🇺🇸 20.127.170.172