JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 181.214.164.106

181.214.164.106 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 181.214.164.106

Whois 181.214.164.106

IP Abuse Reports for 181.214.164.106:

This IP address has been reported a total of 128 times from 34 distinct sources. 181.214.164.106 was first reported on February 3rd 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 hostseries	2026-03-04 11:32:25 (3 months ago)	Trigger: LF_SMTPAUTH	Brute-Force
Anonymous	2026-03-04 11:32:01 (3 months ago)	...	Brute-Force
🇬🇧 noise.agency	2026-03-04 11:30:43 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-)	Brute-Force
🇺🇸 bigscoots.com	2026-03-04 11:30:39 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-03-04 06:29:21 dovecot_plain authenticator failed for H=([10.8.18.238]) [181.214.164.106]:11446: 535 Incorrect authentication data ([email protected]) 2026-03-04 06:29:27 dovecot_login authenticator failed for H=([10.8.18.238]) [181.214.164.106]:11446: 535 Incorrect authentication data ([email protected]) 2026-03-04 06:29:33 dovecot_plain authenticator failed for H=([10.8.18.238]) [181.214.164.106]:1703: 535 Incorrect authentication data ([email protected]) 2026-03-04 06:30:30 dovecot_plain authenticator failed for H=([10.8.18.238]) [181.214.164.106]:26860: 535 Incorrect authentication data ([email protected]) 2026-03-04 06:30:36 dovecot_login authenticator failed for H=([10.8.18.238]) [181.214.164.106]:26860: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇦🇺 aglenday	2026-03-03 03:02:23 (3 months ago)	(smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 1 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2026-03-03T14:02:18.029952+11:00 mail postfix/submission/smtpd[2308867]: warning: unknown[181.214.164.106]: SASL PLAIN authentication failed: (reason unavailable), [email protected] show less	Port Scan
🇨🇿 lp	2026-03-02 06:08:34 (3 months ago)	Email account brute force: 6 attempts were recorded from 181.214.164.106 2026-03-02T06:55:23+01:00 w ... show more Email account brute force: 6 attempts were recorded from 181.214.164.106 2026-03-02T06:55:23+01:00 warning: unknown[181.214.164.106]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-02T06:55:23+01:00 warning: unknown[181.214.164.106]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-03-02T06:55:25+01:00 warning: unknown[181.214.164.106]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-02T06:55:25+01:00 warning: unknown[181.214.164.106]: SASL LOGIN authentication failed: authentication failure, [email protected] 2026-03-02T06:55:33+01:00 warning: unknown[181.214.164.106]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-03-02T06:55:33+01:00 w show less	Brute-Force
🇮🇹 VHosting	2025-12-24 04:35:24 (6 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-10 13:11:26 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 181.214.164.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 181.214.164.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 08:11:22.916680 2025] [security2:error] [pid 31314:tid 31318] [client 181.214.164.106:41439] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|seanmeriwether.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "seanmeriwether.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRHkevwTDcNc_u91oor61wAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-10 10:50:00 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 181.214.164.106 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 181.214.164.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 05:49:52.664340 2025] [security2:error] [pid 24843:tid 24843] [client 181.214.164.106:49086] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|prodigypartners.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "prodigypartners.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRHDUFolO-zaOyurQq5uCgAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2025-10-02 21:19:04 (8 months ago)	Blocked by UFW (TCP on 57947) Source port: 51529 TTL: 119 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 57947) Source port: 51529 TTL: 119 Packet length: 52 TOS: 0x08 This report (for 181.214.164.106) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 bigscoots.com	2025-04-21 23:36:15 (1 year ago)	(smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2025-04-21 19:17:50 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:37008: 535 Incorrect authentication data ([email protected]) 2025-04-21 19:18:44 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:49856: 535 Incorrect authentication data ([email protected]) 2025-04-21 19:23:26 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:40782: 535 Incorrect authentication data ([email protected]) 2025-04-21 19:24:56 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:48506: 535 Incorrect authentication data ([email protected]) 2025-04-21 19:36:11 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:59452: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇺🇸 bigscoots.com	2025-04-20 19:56:26 (1 year ago)	(smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2025-04-20 15:34:17 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:58322: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:45:24 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:48392: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:46:54 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:37146: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:54:01 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:33938: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:56:24 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:50666: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇺🇸 bigscoots.com	2025-04-20 19:31:59 (1 year ago)	(smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2025-04-20 15:10:05 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:50042: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:12:28 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:51744: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:23:36 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:34050: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:25:05 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:37878: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:31:56 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:48126: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇩🇪 uhlhosting	2025-04-20 19:31:54 (1 year ago)	2025-04-20T20:54:46.159712 cp.uhlhosting.ch postfix/smtpd[2869048]: warning: unknown[181.214.164.106 ... show more 2025-04-20T20:54:46.159712 cp.uhlhosting.ch postfix/smtpd[2869048]: warning: unknown[181.214.164.106]: SASL LOGIN authentication failed: (reason unavailable), [email protected] 2025-04-20T21:10:02.169358 cp.uhlhosting.ch postfix/smtpd[2870613]: warning: unknown[181.214.164.106]: SASL LOGIN authentication failed: (reason unavailable), [email protected] 2025-04-20T21:31:54.019901 cp.uhlhosting.ch postfix/smtpd[2874049]: warning: unknown[181.214.164.106]: SASL LOGIN authentication failed: (reason unavailable), [email protected] ... show less	Brute-Force
🇺🇸 bigscoots.com	2025-04-20 19:04:01 (1 year ago)	(smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs ... show more (smtpauth) Failed SMTP AUTH login from 181.214.164.106 (US/United States/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2025-04-20 14:50:23 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:38326: 535 Incorrect authentication data ([email protected]) 2025-04-20 14:54:46 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:34110: 535 Incorrect authentication data ([email protected]) 2025-04-20 14:56:03 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:50482: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:03:06 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:59318: 535 Incorrect authentication data ([email protected]) 2025-04-20 15:04:01 dovecot_login authenticator failed for (ADMIN) [181.214.164.106]:57674: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇭 119.82.253.25

🇬🇧 35.203.211.195

🇺🇸 216.226.77.20

🇬🇧 213.166.84.52

🇸🇬 157.245.151.137

🇫🇷 143.244.57.86

🇩🇪 138.201.228.184

🇨🇳 123.245.85.91

🇮🇷 93.115.126.77

🇺🇸 73.47.230.53

🇺🇸 62.132.18.53

🇳🇱 45.148.10.121

🇺🇸 40.67.183.181

🇵🇰 39.43.22.195

🇩🇪 217.244.78.15

🇮🇶 169.224.26.177

🇺🇸 162.216.149.24

🇫🇮 147.185.133.23

🇰🇷 110.10.176.24

🇺🇸 107.150.103.88