JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 181.215.182.156

181.215.182.156 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 91%: ?

91%

ISP	Cyber Assets FZCO
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	cyberassets.ae
Country	🇺🇸 United States of America
City	Dallas, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 181.215.182.156

Whois 181.215.182.156

IP Abuse Reports for 181.215.182.156:

This IP address has been reported a total of 26 times from 21 distinct sources. 181.215.182.156 was first reported on August 17th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-25 21:12:51 (1 day ago)	Abuse Detected (1)	Brute-Force Web App Attack
Anonymous	2026-06-24 08:06:13 (3 days ago)	Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=4	Hacking
🇺🇸 infra-monitor	2026-06-24 08:00:04 (3 days ago)	Automated ban via infra-monitor: suspicious-probe	Port Scan
🇺🇸 TPI-Abuse	2026-06-24 07:43:17 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 181.215.182.156 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 181.215.182.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 03:43:11.980899 2026] [security2:error] [pid 13303:tid 13303] [client 181.215.182.156:47146] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "horseillustration.com"] [uri "/.env"] [unique_id "ajuKj5l3qEbXydI4NdM0LwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-24 07:41:01 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 zynex	2026-06-24 07:27:13 (3 days ago)	URL Probing: /.env	Web App Attack
🇮🇹 www.tana.it	2026-06-24 07:19:51 (3 days ago)	PHP scan	Web App Attack
🇳🇱 e.fierstra	2026-06-24 07:02:00 (3 days ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 06:02:54 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 181.215.182.156 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 181.215.182.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 02:02:50.119380 2026] [security2:error] [pid 4042:tid 4042] [client 181.215.182.156:48379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thoughtage.com"] [uri "/.env"] [unique_id "ajtzCgqv0quuyKWsWfRCyQAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 paulshipley.com.au	2026-06-24 05:49:37 (3 days ago)	[Wed Jun 24 15:49:36.894210 2026] [security2:error] [pid 340288] [client 181.215.182.156:55029] [cli ... show more [Wed Jun 24 15:49:36.894210 2026] [security2:error] [pid 340288] [client 181.215.182.156:55029] [client 181.215.182.156] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stkildashule.org.au"] [uri "/.env"] [unique_id "ajtv8Ky0YvMSkq6fgKeJigAAAAw"] ... show less	Web App Attack
🇩🇪 big-cloud.nl	2026-06-24 04:17:09 (3 days ago)	Try to access /.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 04:09:20 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 181.215.182.156 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 181.215.182.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 00:09:16.758964 2026] [security2:error] [pid 11962:tid 11962] [client 181.215.182.156:27257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.brentsagnotti.com"] [uri "/.env"] [unique_id "ajtYbIluw1yFySV2x1VixgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇴 jad-abuse	2026-06-24 03:53:05 (3 days ago)	ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe ... show more ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 2 hits. show less	Web App Attack
Anonymous	2026-06-24 03:25:01 (3 days ago)	suspicious request in access.log	Web App Attack
🇧🇷 Halux	2026-06-24 03:23:10 (3 days ago)	181.215.182.156 Probing protected path or service	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 223.197.153.143

🇳🇬 152.32.141.2

🇰🇷 115.68.226.131

🇳🇱 45.148.10.151

🇳🇱 45.148.10.141

🇭🇰 165.154.41.152

🇧🇷 129.121.47.136

🇫🇷 91.231.89.68

🇸🇪 45.88.13.88

🇺🇸 216.244.66.241

🇺🇸 216.180.246.1

🇫🇮 185.227.68.157

🇨🇳 117.78.33.253

🇨🇳 101.201.153.106

🇦🇺 92.113.134.93

🇫🇷 85.217.140.26

🇱🇻 81.30.98.158

🇺🇸 74.142.165.90

🇳🇱 45.148.10.240

🇫🇷 13.140.137.189