JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 181.215.182.140

181.215.182.140 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	Cyber Assets FZCO
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	cyberassets.ae
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 181.215.182.140

Whois 181.215.182.140

IP Abuse Reports for 181.215.182.140:

This IP address has been reported a total of 24 times from 16 distinct sources. 181.215.182.140 was first reported on October 27th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Baking333	2026-04-26 22:28:43 (1 month ago)	[redacted] 181.215.182.140 - - [26/Apr/2026:23:09:48 +0100] "GET /.env HTTP/1.1" 302 5268 0/63330 "- ... show more [redacted] 181.215.182.140 - - [26/Apr/2026:23:09:48 +0100] "GET /.env HTTP/1.1" 302 5268 0/63330 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" [redacted] 181.215.182.140 - - [26/Apr/2026:23:28:41 +0100] "GET /.env HTTP/1.1" 302 5288 0/158093 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less	Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-04-26 22:08:02 (1 month ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice02,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2026-04-26 20:39:44 (1 month ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 20:38:09 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 181.215.182.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 181.215.182.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 16:38:05.729636 2026] [security2:error] [pid 17485:tid 17485] [client 181.215.182.140:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gibitdigital.com"] [uri "/.env"] [unique_id "ae53rZ-Q7Dyys8_yFAyrZgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-04-26 20:36:12 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: /.env \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-26 20:18:27 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 181.215.182.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 181.215.182.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 16:18:23.004994 2026] [security2:error] [pid 26549:tid 26549] [client 181.215.182.140:8515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "1healthplace.com"] [uri "/.env"] [unique_id "ae5zD4HLfupl4tUgLoWInQAAACo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 dtorrer	2026-04-26 20:13:53 (1 month ago)	General vulnerability scan.	Port Scan
🇺🇸 TPI-Abuse	2026-04-26 19:27:50 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 181.215.182.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 181.215.182.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 15:27:45.976170 2026] [security2:error] [pid 7837:tid 7852] [client 181.215.182.140:37744] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3dfilament.com"] [uri "/.env"] [unique_id "ae5nMcKoHFYy_6OXtSs4XQAAAI0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-04-26 19:17:05 (1 month ago)	Try to access /.env	Web App Attack
🇫🇷 Baking333	2026-04-26 19:09:56 (1 month ago)	[redacted] 181.215.182.140 - - [26/Apr/2026:19:48:04 +0100] "GET /.env HTTP/1.1" 302 5278 0/68839 "- ... show more [redacted] 181.215.182.140 - - [26/Apr/2026:19:48:04 +0100] "GET /.env HTTP/1.1" 302 5278 0/68839 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" [redacted] 181.215.182.140 - - [26/Apr/2026:20:09:55 +0100] "GET /.env HTTP/1.1" 302 5313 0/65122 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less	Bad Web Bot Web App Attack
🇺🇸 apislytics	2026-04-26 18:58:54 (1 month ago)	Automatic hard ban after repeated rate-limit abuse	Brute-Force
🇺🇸 TPI-Abuse	2026-04-26 18:55:43 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 181.215.182.140 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 181.215.182.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 14:55:35.436267 2026] [security2:error] [pid 18626:tid 18626] [client 181.215.182.140:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eddysgroup.com"] [uri "/.env"] [unique_id "ae5fp1WHtnyMu8A8TlApGAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-04-26 18:41:47 (1 month ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇫🇷 Dorian GRANDHAY	2025-10-27 04:39:40 (7 months ago)	181.215.182.140 (US/United States/-), 5 distributed smtpauth attacks on account [contact@arthafrance ... show more 181.215.182.140 (US/United States/-), 5 distributed smtpauth attacks on account [[email protected]] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: 2025-10-27 05:39:37 dovecot_login authenticator failed for (ADMIN) [181.215.182.140]:52570: 535 Incorrect authentication data ([email protected]) 2025-10-27 05:17:00 dovecot_login authenticator failed for (ADMIN) [194.110.13.12]:42081: 535 Incorrect authentication data ([email protected]) 2025-10-27 04:56:31 dovecot_login authenticator failed for (ADMIN) [138.199.59.212]:46140: 535 Incorrect authentication data ([email protected]) 2025-10-27 05:28:46 dovecot_login authenticator failed for (ADMIN) [149.22.90.242]:56762: 535 Incorrect authentication data ([email protected]) 2025-10-27 04:42:50 dovecot_login authenticator failed for (ADMIN) [185.225.28.237]:16257: 535 Incorrect authentication data ([email protected]) IP Addresses Blocked: show less	Port Scan
🇵🇱 sefinek.net	2025-06-13 02:15:39 (1 year ago)	Honeypot hit: Unauthorized traffic (32 bytes of payload); 8081 [11] TCP	Port Scan

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a09:bac5:624b:281e::3ff:37

🇫🇷 2620:171:eb:f0::249

🇭🇰 199.45.154.183

🇺🇦 185.219.79.249

🇬🇧 185.216.145.189

🇧🇷 168.181.15.35

🇻🇳 125.212.217.143

🇺🇸 107.151.196.132

🇳🇱 104.23.170.126

🇵🇱 87.251.64.144

🇧🇷 45.190.207.38

🇨🇭 20.203.162.38

🇮🇳 2409:40e5:11fc:b4dc:d879:47b2:367d:c1a3

🇮🇳 2401:4900:8f56:e823:1d2a:a1ce:d350:9d4c

🇬🇧 217.154.38.181

🇳🇱 176.65.149.194

🇨🇳 163.142.241.119

🇭🇰 123.58.210.86

🇵🇱 83.168.89.49

🇱🇹 62.60.130.219