JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 141.94.94.166

141.94.94.166 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 85%: ?

85%

ISP	OVH SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	vps-e0dfe072.vps.ovh.net
Domain Name	ovh.net
Country	🇫🇷 France
City	Lille, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 141.94.94.166

Whois 141.94.94.166

IP Abuse Reports for 141.94.94.166:

This IP address has been reported a total of 27 times from 14 distinct sources. 141.94.94.166 was first reported on June 27th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-29 07:39:38 (4 hours ago)	(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:39:34.037053 2026] [security2:error] [pid 18466:tid 18466] [client 141.94.94.166:56678] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.barbaraehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.barbaraehill.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akIhNo3-ABPyYiplFtHWswAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2026-06-29 07:39:19 (4 hours ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇺🇸 Lee Daniel	2026-06-29 07:21:04 (5 hours ago)	141.94.94.166 - - [29/Jun/2026:03:21:00 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1 ... show more 141.94.94.166 - - [29/Jun/2026:03:21:00 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45711 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 141.94.94.166 - - [29/Jun/2026:03:21:00 -0400] "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45703 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 141.94.94.166 - - [29/Jun/2026:03:21:01 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45688 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 141.94.94.166 - - [29/Jun/2026:03:21:02 -0400] "GET //2018/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45696 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 141.94.94.166 - - [29/Jun/2026:03:21:03 -0400] "GET //2019/wp-includes/wlwmani ... show less	DDoS Attack Web Spam Email Spam Port Scan Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-29 01:30:14 (10 hours ago)	(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:30:11.083358 2026] [security2:error] [pid 5227:tid 5227] [client 141.94.94.166:58083] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jmichaelpope.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jmichaelpope.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akHKo9P8lKgKk-E9WNqQnAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ✨	2026-06-29 01:17:21 (11 hours ago)	Domain : bangorfc.com Rule : env 2026-06-29 00:52:17 W3SVC464 PLESK72 79.171.34.85 GET /wp/wp-includ ... show more Domain : bangorfc.com Rule : env 2026-06-29 00:52:17 W3SVC464 PLESK72 79.171.34.85 GET /wp/wp-includes/wlwmanifest.xml - 443 - 141.94.94.166 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 - - bangorfc.com 404 0 2 9076 347 15 - - show less	Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-06-28 21:06:09 (15 hours ago)	(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:06:05.374406 2026] [security2:error] [pid 27921:tid 27921] [client 141.94.94.166:53466] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bamedica.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bamedica.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akGMvfOk_6jvrUIGGjmhlAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Dolphi	2026-06-28 19:30:02 (16 hours ago)	Excessive POST //wp-login.php requests	Brute-Force Web App Attack
🇨🇭 zynex	2026-06-28 18:18:40 (18 hours ago)	URL Probing: /news/wp-includes/wlwmanifest.xml	Web App Attack
🇩🇪 LRob.fr	2026-06-28 17:45:08 (18 hours ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
🇩🇪 LRob.fr	2026-06-28 17:30:05 (18 hours ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
Anonymous	2026-06-28 17:05:14 (19 hours ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=20	Hacking
🇩🇪 LRob.fr	2026-06-28 16:30:14 (19 hours ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇩🇪 todix	2026-06-28 13:15:11 (23 hours ago)	Web App Attack Exploid from 141.94.94.166	Web App Attack
🇮🇪 Jim Keir	2026-06-28 10:32:38 (1 day ago)	2026-06-28 10:32:37 141.94.94.166 File scanning, blocking 141.94.94.166 for 5 minutes	Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 07:38:11 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 03:38:05.721924 2026] [security2:error] [pid 12598:tid 12598] [client 141.94.94.166:61876] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.badconsultingllc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.badconsultingllc.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akDPXdW-7Jogi5aP6hwKVQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 134.122.23.150

🇷🇺 87.251.65.19

🇮🇩 180.247.57.191

🇧🇷 138.117.222.188

🇺🇸 136.144.35.134

🇮🇳 135.13.28.35

🇨🇳 124.222.20.173

🇱🇻 81.30.98.62

🇫🇷 80.13.60.144

🇭🇰 46.247.61.189

🇨🇳 1.182.25.97

🇰🇷 211.228.102.165

🇺🇸 192.178.36.17

🇧🇷 136.248.121.226

🇷🇺 81.95.135.114

🇺🇸 66.132.186.250

🇧🇷 45.5.110.214

🇸🇬 20.6.35.235

🇵🇰 182.180.59.208

🇮🇹 178.239.36.105