JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 181.214.165.75

181.214.165.75 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 0%: ?

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	netutils.io
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 181.214.165.75

Whois 181.214.165.75

IP Abuse Reports for 181.214.165.75:

This IP address has been reported a total of 33 times from 21 distinct sources. 181.214.165.75 was first reported on December 11th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 NXTwoThou	2026-05-12 03:16:38 (1 month ago)	/shop/wp-login.php	Web App Attack
🇪🇸 el-brujo	2026-04-16 06:33:42 (2 months ago)	Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=lesilvia.woodw.o.r.t.hwww.g ... show more Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=lesilvia.woodw.o.r.t.hwww.gnu-darwin.org%29+WHERE+6191%3D6191%2C%28sElEcT%2F%2A%2A%2FuPPeR%28XmlType%28CHR%2860%29%7C%7CCHR%2858%29%7C%7C%2527~%2527%7C%7C%28SELeCT%2F%2A%2A%2F%28cASE%2F%2A%2A%2FWheN%2F%2A%2A%2F%2810922%3D10922%29%2F%2A%2A%2FTHEN%2F%2A%2A%2F1%2F%2A%2A%2FelSe%2F%2A%2A%2F0%2F%2A%2A%2FEnD%29%2F%2A%2A%2FfRoM%2F%2A%2A%2FDuaL%29%7C%7C%2527~%2527%7C%7CcHr%2862%29%29%29%2F%2A%2A%2FfrOm%2F%2A%2A%2FduAL%29--+- Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: log Source: firewallManaged ASN Description: COGENT-174 - Cogent Communications, LLC Country: US Method: GET Timestamp: 2026-04-16T06:33:42Z ruleId: 00da180570d34b5bae2121acd0023a36. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-04-16 05:42:06 (2 months ago)	Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=lesilvia.woodw.o.r.t.hwww.g ... show more Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=lesilvia.woodw.o.r.t.hwww.gnu-darwin.org+WHERE+3814%3D3814%2C%28SELECT%25082582%2502WHERE%25072582%3DCONVERT%28INT%2C%28SELECT%2505%2527~%2527%2B%28SELECT%2506%28CASE%2508WHEN%250A%282582%3D2582%29%2503THEN%2502%25271%2527%2503ELSE%2503%25270%2527%2508END%29%29%2B%2527~%2527%29%29%29--+- Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: block Source: firewallManaged ASN Description: COGENT-174 - Cogent Communications, LLC Country: US Method: GET Timestamp: 2026-04-16T05:42:06Z ruleId: 4c580ea1b5174183b7f5e940b3de2e0a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-04-16 04:57:56 (2 months ago)	Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=lesilvia.woodw.o.r.t.hwww.g ... show more Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=lesilvia.woodw.o.r.t.hwww.gnu-darwin.orgAND%2F%2A%2A%2F1857%3DANY%28ARRAY%28SELECT%2F%2A%2A%2FCAST%28%27~%27%7C%7C%28SELECT%2F%2A%2A%2F%28CASE%2F%2A%2A%2FWHEN%2F%2A%2A%2F%281857%3D1857%29%2F%2A%2A%2FTHEN%2F%2A%2A%2F1%2F%2A%2A%2FELSE%2F%2A%2A%2F0%2F%2A%2A%2FEND%29%29%3A%3Atext%7C%7C%27~%27%2F%2A%2A%2FAS%2F%2A%2A%2FINTEGER%29%29%29%23 Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: log Source: firewallManaged ASN Description: COGENT-174 - Cogent Communications, LLC Country: US Method: GET Timestamp: 2026-04-16T04:57:56Z ruleId: 3b0c61407d0b4f7d87e516472116d2fe. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-04-16 04:43:48 (2 months ago)	Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=lesilvia.woodw.o.r.t.hwww.g ... show more Cloudflare WAF: Request Path: /geolocalizacion.html Request Query: ?host=lesilvia.woodw.o.r.t.hwww.gnu-darwin.org%29AND%2F%2A%2A%2F6367%3DANY%28ARRAY%28SELECT%2F%2A%2A%2FCAST%28%27~%27%7C%7C%28SELECT%2F%2A%2A%2F%28CASE%2F%2A%2A%2FWHEN%2F%2A%2A%2F%286367%3D6367%29%2F%2A%2A%2FTHEN%2F%2A%2A%2F1%2F%2A%2A%2FELSE%2F%2A%2A%2F0%2F%2A%2A%2FEND%29%29%3A%3Atext%7C%7C%27~%27%2F%2A%2A%2FAS%2F%2A%2A%2FINTEGER%29%29%29--+- Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: log Source: firewallManaged ASN Description: COGENT-174 - Cogent Communications, LLC Country: US Method: GET Timestamp: 2026-04-16T04:43:48Z ruleId: 3b0c61407d0b4f7d87e516472116d2fe. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇱🇻 garmtech.com	2026-04-05 14:52:16 (2 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇪🇸 el-brujo	2026-04-05 14:46:58 (2 months ago)	Cloudflare WAF: Request Path: /.env Request Query: Host: www.elhacker.net userAgent: python-request ... show more Cloudflare WAF: Request Path: /.env Request Query: Host: www.elhacker.net userAgent: python-requests/2.26.0 Action: block Source: firewallManaged ASN Description: COGENT-174 - Cogent Communications, LLC Country: US Method: GET Timestamp: 2026-04-05T14:46:58Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇨🇭 teamsecure	2026-04-05 14:42:38 (2 months ago)	Banned for trying to access env	Web App Attack
🇺🇸 TPI-Abuse	2026-04-05 14:41:09 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 181.214.165.75 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 181.214.165.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 10:41:02.065693 2026] [security2:error] [pid 24994:tid 24994] [client 181.214.165.75:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.upskirtcrazy.com"] [uri "/.env"] [unique_id "adJ0flrdoxHYRwyor6FqswAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-03-28 00:57:19 (2 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
Anonymous	2026-02-28 21:28:01 (3 months ago)	...	Brute-Force
🇨🇿 lp	2026-02-20 00:04:29 (4 months ago)	Email account brute force: 2 attempts were recorded from 181.214.165.75 2026-02-20T00:21:21+01:00 wa ... show more Email account brute force: 2 attempts were recorded from 181.214.165.75 2026-02-20T00:21:21+01:00 warning: unknown[181.214.165.75]: SASL PLAIN authentication failed: authentication failure, [email protected] 2026-02-20T00:21:22+01:00 warning: unknown[181.214.165.75]: SASL LOGIN authentication failed: authentication failure, [email protected] show less	Brute-Force
🇮🇹 VHosting	2026-02-18 23:10:22 (4 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 xmission.com	2026-01-24 15:40:28 (5 months ago)	Blocked by UFW (TCP on 1) Source port: 36188 TTL: 55 Packet length: 60 TOS: 0x08 This report (for 1 ... show more Blocked by UFW (TCP on 1) Source port: 36188 TTL: 55 Packet length: 60 TOS: 0x08 This report (for 181.214.165.75) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2025-12-03 12:36:07 (6 months ago)	botnet	DDoS Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 185.169.4.238

🇸🇪 155.4.244.179

🇺🇸 23.94.103.68

🇯🇵 172.253.198.214

🇪🇪 162.212.170.230

🇺🇸 45.132.115.40

🇬🇧 35.203.211.198

🇨🇳 223.74.192.33

🇲🇩 217.156.64.228

🇫🇮 147.185.133.51

🇺🇸 147.185.132.28

🇺🇸 100.28.118.16

🇷🇴 92.118.39.71

🇷🇴 80.94.95.211

🇩🇪 45.137.98.44

🇺🇸 45.92.229.228

🇺🇸 20.163.39.233

🇨🇳 223.73.10.170

🇮🇳 128.185.254.54

🇨🇳 111.26.167.166