JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 181.209.111.84

181.209.111.84 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 1%: ?

ISP	Puerto80 S.R.L
Usage Type	Fixed Line ISP
ASN	AS52361
Hostname(s)	84.111.209.181.in-addr.arpa
Domain Name	arsat.com.ar
Country	🇦🇷 Argentina
City	Santa Catalina - Dique Lujan, Buenos Aires

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 181.209.111.84

Whois 181.209.111.84

IP Abuse Reports for 181.209.111.84:

This IP address has been reported a total of 44 times from 20 distinct sources. 181.209.111.84 was first reported on August 21st 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 el-brujo	2026-05-04 02:39:22 (1 month ago)	Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows N ... show more Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36 Action: block Source: l7ddos ASN Description: ARSAT - Empresa Argentina de Soluciones Satelitales S.A. Country: AR Method: GET Timestamp: 2026-05-04T02:39:22Z ruleId: 9bc0d8e988e545dea9bd4843c4bef55c. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
Anonymous	2026-04-03 17:56:21 (2 months ago)	Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ... show more Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-post.asp show less	Exploited Host Bad Web Bot
🇮🇹 VHosting	2026-03-31 14:13:15 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-29 06:26:23 (2 months ago)	(mod_security) mod_security (id:225080) triggered by 181.209.111.84 (84.111.209.181.in-addr.arpa): 1 ... show more (mod_security) mod_security (id:225080) triggered by 181.209.111.84 (84.111.209.181.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 02:26:15.463270 2026] [security2:error] [pid 8505:tid 8505] [client 181.209.111.84:57714] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^[\\\\d\\\\.ab]+$" against "ARGS_GET:C" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "143"] [id "225080"] [rev "1"] [msg "COMODO WAF: XSS vulnerability in Plupload before 2.1.9 or MediaElement.js before 2.21.0, as used in WordPress before 4.5.2 (CVE-2016-4566 & CVE-2016-4567)\|\|www.cffragrances.iee-usa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cffragrances.iee-usa.com"] [uri "/wp-includes/js/tinymce/plugins/spellchecker/includes/"] [unique_id "acjGBwZm1jjQglUojiI7qgAAAAs"], referer: http://www.cffragrances.iee-usa.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇸🇬 mypatricks	2026-03-20 23:51:39 (2 months ago)	181.209.111.84 \| Port: 11054 \| DNS: 84.111.209.181.in-addr.arpa 2026-03-21T07:51:38+08:00 America/Ar ... show more 181.209.111.84 \| Port: 11054 \| DNS: 84.111.209.181.in-addr.arpa 2026-03-21T07:51:38+08:00 America/Argentina/Buenos_Aires \| IPs reserved list \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 Edg/136.0.0.0 HTTP/1.1 443 GET \| URL: /fondant-cakes-rilakkuma-sleep/?8530b9715aaa037fbbca5a238a643184=1773042448&9ab6dae986b1a7c5b0f880f368019f6=enabled \| Ref: https://xxxxxx/fondant-cakes-rilakkuma-sleep/?7b12bb9042265d4daa34e20f484642f4=1772723413&905f0f4adf94e5ece731c=enabled \| Country: AR/Argentina/−03:00 IP City: Santa Catalina - Dique Lujan Windows 9df8a0371f59c706-EZE/Buenos Aires, Argentina 1 hits/0 secs Robots 3 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
🇬🇧 CDN	2026-02-23 06:11:37 (3 months ago)	SQL Injection	Port Scan
🇨🇭 Modules	2025-12-15 13:04:18 (5 months ago)	Open proxy http://181.209.111.84:999 (RT:20731ms,Loc:Argentina,ASN:AS52361)	Open Proxy
Anonymous	2025-11-25 17:57:30 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇩🇪 Silly Development	2025-10-20 15:14:42 (7 months ago)	2025-10-20T17:11:55.893768+02:00 Raptor wings[1520817]: 2025/10/20 17:11:55 http: TLS handshake erro ... show more 2025-10-20T17:11:55.893768+02:00 Raptor wings[1520817]: 2025/10/20 17:11:55 http: TLS handshake error from 181.209.111.84:55173: EOF 2025-10-20T17:12:24.341291+02:00 Raptor wings[1520817]: 2025/10/20 17:12:24 http: TLS handshake error from 181.209.111.84:55864: EOF 2025-10-20T17:14:41.532684+02:00 Raptor wings[1520817]: 2025/10/20 17:14:41 http: TLS handshake error from 181.209.111.84:58688: EOF ... show less	DDoS Attack
🇺🇸 yangfan	2025-09-29 16:16:13 (8 months ago)	IP: 181.209.111.84 [Country: AR] triggered WAF (firewallCustom). Action: managed_challenge ASN: 5236 ... show more IP: 181.209.111.84 [Country: AR] triggered WAF (firewallCustom). Action: managed_challenge ASN: 52361 (ARSAT - Empresa Argentina de Soluciones Satelitales S.A.) Protocol: HTTP/1.1 (method GET) Endpoint: /cc.hryjtrgefw Time: 2025-09-29T14:35:43Z User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:90.0) Gecko/20100101 Firefox/90.0 --- Report generated by CFWAF2AbuseIPDB. show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 exxos	2025-09-08 23:03:01 (8 months ago)	Attacks with Bad user agents	Hacking
🇺🇸 SuperEvilLuke	2025-08-08 14:34:01 (9 months ago)	Malicious activity detected from 52361 ARSAT - Empresa Argentina de Soluciones Satelitales S.A. towa ... show more Malicious activity detected from 52361 ARSAT - Empresa Argentina de Soluciones Satelitales S.A. towards host dash.embotic.xyz (GET HTTP/1.1) @ 2025-08-08T14:34:01Z (3 occurrences) show less	DDoS Attack Exploited Host
🇺🇸 SuperEvilLuke	2025-08-08 14:29:08 (9 months ago)	Malicious activity detected from 52361 ARSAT - Empresa Argentina de Soluciones Satelitales S.A. towa ... show more Malicious activity detected from 52361 ARSAT - Empresa Argentina de Soluciones Satelitales S.A. towards host client.embotic.xyz (GET HTTP/1.1) @ 2025-08-08T14:29:08Z (3 occurrences) show less	DDoS Attack Exploited Host
🇺🇸 SuperEvilLuke	2025-08-05 22:24:24 (9 months ago)	2025-08-05T19:06:09Z,"Malicious activity detected from 52361 ARSAT - Empresa Argentina de Soluciones ... show more 2025-08-05T19:06:09Z,"Malicious activity detected from 52361 ARSAT - Empresa Argentina de Soluciones Satelitales S.A. towards host dash.embotic.xyz (GET HTTP/2) @ 2025-08-05T19:06:09Z (5 occurrences) show less	DDoS Attack
🇬🇧 SuperEvilLuke	2025-08-05 19:06:09 (9 months ago)	Malicious activity detected from 52361 ARSAT - Empresa Argentina de Soluciones Satelitales S.A. towa ... show more Malicious activity detected from 52361 ARSAT - Empresa Argentina de Soluciones Satelitales S.A. towards host dash.embotic.xyz (GET HTTP/2) @ 2025-08-05T19:06:09Z (6 occurrences) show less	DDoS Attack Exploited Host

Showing 1 to 15 of 44 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.13.86.90

🇲🇽 187.190.35.163

🇺🇸 172.253.244.145

🇻🇳 171.231.194.143

🇨🇦 89.149.52.89

🇬🇧 35.203.210.83

🇺🇸 135.237.125.195

🇨🇳 124.251.110.186

🇸🇬 118.194.235.16

🇨🇭 104.244.74.201

🇳🇱 89.21.67.179

🇸🇬 47.84.160.216

🇨🇳 36.150.236.49

🇮🇳 223.181.54.16

🇧🇷 205.210.31.198

🇺🇸 185.180.141.45

🇺🇸 162.216.149.131

🇸🇬 148.72.213.43

🇺🇸 147.185.132.193

🇧🇷 147.93.14.26