JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 181.215.94.6

181.215.94.6 was found in our database!

This IP was reported 175 times. Confidence of Abuse is 33%: ?

33%

ISP	Cyber Assets FZCO
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	cyberassets.ae
Country	🇫🇷 France
City	Marseille, Provence-Alpes-Cote d'Azur

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 181.215.94.6

Whois 181.215.94.6

IP Abuse Reports for 181.215.94.6:

This IP address has been reported a total of 175 times from 75 distinct sources. 181.215.94.6 was first reported on February 13th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 masterguru	2026-06-24 07:27:02 (2 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-128) show less	Bad Web Bot
🇬🇧 consul.to	2026-06-07 12:44:17 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇷 Octopuce	2026-06-06 21:17:08 (2 weeks ago)	Aggressive web search of vulnerable pages: /wp-admin/shell20211028.php /natural.php /item.php /funct ... show more Aggressive web search of vulnerable pages: /wp-admin/shell20211028.php /natural.php /item.php /function/function.php /wp-includes/SimplePie/ind ... show less	Web App Attack
🇬🇧 consul.to	2026-06-05 17:24:20 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇫🇮 as211431.net	2026-06-05 00:28:57 (3 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from FR. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from FR. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /vendor/phpunit/phpunit/src/Util/PHP/ask.php UA: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇦🇺 dyln	2026-06-03 11:15:56 (3 weeks ago)	Dyls honeypot brute-force: SIP (4 total hits)	Hacking Brute-Force
🇬🇧 consul.to	2026-05-26 15:44:57 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇿🇦 Tokolosh Hunters	2026-05-15 06:48:15 (1 month ago)	AutoBlockWindow-Known bad useragent query-2026-05-15 06:48:14	Bad Web Bot
Anonymous	2026-05-10 08:24:27 (1 month ago)	Failed Wordpress Logins	Web App Attack
🇮🇩 zam	2026-05-05 10:04:42 (1 month ago)	181.215.94.6 - - [05/May/2026:10:04:39 +0000] "GET /simple.php HTTP/1.1" 301 295	Web App Attack
Anonymous	2026-05-01 06:29:06 (1 month ago)	Failed Wordpress Logins	Web App Attack
🇺🇸 TPI-Abuse	2026-04-20 14:50:27 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 181.215.94.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 181.215.94.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 10:50:21.685504 2026] [security2:error] [pid 3751584:tid 3751584] [client 181.215.94.6:51665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zoboz.com"] [uri "/.git/execute.php"] [unique_id "aeY9LSIfH2EMVu-lDjNtJQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 Origon	2026-04-20 13:49:29 (2 months ago)	http-backdoors-attempts - IP: 181.215.94.6 - time="2026-04-20T15:49:29+02:00" level=info msg="(555f ... show more http-backdoors-attempts - IP: 181.215.94.6 - time="2026-04-20T15:49:29+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-backdoors-attempts by ip 181.215.94.6 (FR/212238) : 4h ban on Ip 181.215.94.6" module=db show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 15:07:04 (2 months ago)	(mod_security) mod_security (id:234930) triggered by 181.215.94.6 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:234930) triggered by 181.215.94.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 11:06:58.015264 2026] [security2:error] [pid 3249497:tid 3249497] [client 181.215.94.6:43171] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|savannah-house.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "savannah-house.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "aeOeEqInNqU4qzzhtJfo-QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-04-18 04:34:09 (2 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 175 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 130.12.182.39

🇹🇭 118.194.251.145

🇯🇵 54.95.85.225

🇰🇷 203.142.160.143

🇧🇷 201.63.223.141

🇸🇬 192.161.54.182

🇮🇳 182.19.35.57

🇳🇱 176.65.139.233

🇺🇸 147.182.166.182

🇵🇭 120.29.89.111

🇮🇪 108.130.253.156

🇧🇷 20.226.0.82

🇳🇱 185.223.235.60

🇺🇸 172.69.70.77

🇺🇸 162.216.149.192

🇯🇵 160.16.96.171

🇺🇸 45.63.4.69

🇧🇷 43.164.194.87

🇨🇳 39.78.141.155

🇬🇧 217.146.80.109