JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 181.41.206.148

181.41.206.148 was found in our database!

This IP was reported 93 times. Confidence of Abuse is 1%: ?

ISP	Cyber Assets FZCO
Usage Type	Fixed Line ISP
ASN	AS174
Domain Name	cyberassets.ae
Country	🇺🇸 United States of America
City	Denver, Colorado

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 181.41.206.148

Whois 181.41.206.148

IP Abuse Reports for 181.41.206.148:

This IP address has been reported a total of 93 times from 56 distinct sources. 181.41.206.148 was first reported on April 30th 2023, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-05-30 15:37:26 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-04-20 04:30:47 (1 month ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
🇵🇹 SubnetShadowSpecter	2026-01-30 13:30:07 (4 months ago)	[Security Alert] Active probing for system vulnerabilities detected. IP banned. [User-Agent]: Unknow ... show more [Security Alert] Active probing for system vulnerabilities detected. IP banned. [User-Agent]: Unknown. [OS]: Unknown. [IP Address]: 181.41.206.148 [Date]: 2025-11-24 10:12:23 show less	Hacking Bad Web Bot Web App Attack
Anonymous	2025-11-30 19:48:13 (6 months ago)	$f2bV_matches	Brute-Force
🇵🇱 dzpk	2025-11-27 08:55:10 (6 months ago)	[27/Nov/2025:09:48:49 +0100] 17642333291.308460 181.41.206.148 20788 HOST 80 [27/Nov/2025:09:48:50 + ... show more [27/Nov/2025:09:48:49 +0100] 17642333291.308460 181.41.206.148 20788 HOST 80 [27/Nov/2025:09:48:50 +0100] 176423333088.483638 181.41.206.148 38000 HOST 443 [27/Nov/2025:09:55:09 +0100] 176423370916.182099 181.41.206.148 64542 HOST 80 show less	Web App Attack
🇫🇷 dwmp	2025-11-27 05:53:02 (6 months ago)	[27/Nov/2025:05:28:49.167634 +0100] aSfTgZkfcvkHf5m8OOK83AAAAEA 181.41.206.148 45402 38.242.227.117 ... show more [27/Nov/2025:05:28:49.167634 +0100] aSfTgZkfcvkHf5m8OOK83AAAAEA 181.41.206.148 45402 38.242.227.117 7081 [27/Nov/2025:05:48:53.810193 +0100] aSfYNZkfcvkHf5m8OOK@XgAAAE4 181.41.206.148 47440 38.242.227.117 7081 [27/Nov/2025:06:53:02.454680 +0100] aSfnPpkfcvkHf5m8OOK@yAAAAFE 181.41.206.148 49058 38.242.227.117 7081 ... show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-27 03:43:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 181.41.206.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 181.41.206.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 22:43:22.213104 2025] [security2:error] [pid 3772:tid 3772] [client 181.41.206.148:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail-pmg.com"] [uri "/.env"] [unique_id "aSfI2rj01q6WI7k_phFc7QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-27 03:20:05 (6 months ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 02:46:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 181.41.206.148 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 181.41.206.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 21:46:04.098765 2025] [security2:error] [pid 7495:tid 7529] [client 181.41.206.148:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "raytbrown.com"] [uri "/.env"] [unique_id "aSe7bD_yhW33HSmJKYkmJgAAAI8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2025-11-26 22:45:24 (6 months ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 webanyone	2025-11-26 21:30:14 (6 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇩🇪 kommunos	2025-11-26 21:23:20 (6 months ago)	/.env	Web App Attack
🇧🇾 lns.bz	2025-11-26 21:03:32 (6 months ago)	.env scanning [BY]	Web App Attack
🇺🇸 mawan	2025-11-26 13:08:51 (6 months ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
Anonymous	2025-11-26 12:12:20 (6 months ago)	Infected user bad webscan	Exploited Host

Showing 1 to 15 of 93 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.149

🇬🇧 193.163.125.100

🇺🇸 69.49.246.176

🇺🇸 66.132.186.133

🇭🇰 43.154.195.142

🇬🇧 35.203.210.128

🇫🇮 147.185.133.48

🇷🇺 128.127.145.102

🇳🇱 91.92.40.231

🇳🇱 91.92.40.7

🇨🇦 85.217.149.74

🇨🇦 85.217.149.58

🇸🇪 81.226.129.67

🇺🇸 47.251.48.41

🇺🇸 18.191.47.251

🇬🇧 216.226.76.20

🇹🇼 198.235.24.41

🇰🇪 197.248.8.33

🇰🇷 119.203.251.187

🇮🇩 103.165.139.145