JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 188.126.94.57

188.126.94.57 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 0%: ?

ISP	PRIVATE INTERNET ACCESS, Inc Url: https://privateinternetaccess.com/
Usage Type	Data Center/Web Hosting/Transit
ASN	AS42708
Hostname(s)	188-126-94-57-static.glesys.net
Domain Name	privateinternetaccess.com
Country	🇩🇰 Denmark
City	Glostrup, Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 188.126.94.57

Whois 188.126.94.57

IP Abuse Reports for 188.126.94.57:

This IP address has been reported a total of 48 times from 34 distinct sources. 188.126.94.57 was first reported on November 18th 2020, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Jimbo67	2026-04-28 19:37:59 (1 month ago)	Cloudflare WAF block on arleo.eu \| Hits: 4 in 5min \| Actions: managed_challenge \| URIs: /en/grav-plu ... show more Cloudflare WAF block on arleo.eu \| Hits: 4 in 5min \| Actions: managed_challenge \| URIs: /en/grav-plugin-google-indexing, /favicon.ico show less	Web App Attack Bad Web Bot
🇫🇮 Ticlem	2026-03-29 16:17:55 (2 months ago)	2026-03-29T17:52:06.860280+02:00 clement-turlure kernel: [3178909.406182] [UFW BLOCK] IN=enp0s31f6 O ... show more 2026-03-29T17:52:06.860280+02:00 clement-turlure kernel: [3178909.406182] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=188.126.94.57 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=56 ID=32270 PROTO=UDP SPT=4748 DPT=6881 LEN=123 2026-03-29T18:09:18.891787+02:00 clement-turlure kernel: [3179941.446795] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=188.126.94.57 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=56 ID=25854 PROTO=UDP SPT=61925 DPT=6881 LEN=123 2026-03-29T18:17:54.909147+02:00 clement-turlure kernel: [3180457.468748] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:f7:16:fb:d0:07:ca:8d:22:75:08:00 SRC=188.126.94.57 DST=95.216.21.136 LEN=143 TOS=0x00 PREC=0x00 TTL=56 ID=29372 PROTO=UDP SPT=46225 DPT=6881 LEN=123 ... show less	Port Scan
🇷🇺 Agrohim	2026-02-06 09:22:21 (4 months ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇨🇳 ThreatBook.io	2025-10-23 22:26:12 (7 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/188.126.94.57 202 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/188.126.94.57 2025-10-23 10:37:12 / show less	Web App Attack
🇨🇭 backslash	2025-09-01 10:20:12 (9 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2025-05-25 03:17:23 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-05-22 23:40:02 (1 year ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Hacking SQL Injection Web App Attack
🇳🇱 NSCA-ISEU	2025-05-02 08:13:56 (1 year ago)	Next.js Authentication Bypass (CVE-2025-29927). 188.126.94.57 is part of Pia VPN VT: Malicious: 0 ... show more Next.js Authentication Bypass (CVE-2025-29927). 188.126.94.57 is part of Pia VPN VT: Malicious: 0 - Suspicious: 1. AS42708 GleSYS AB. Org: PRIVATE INTERNET ACCESS, Inc show less	VPN IP Port Scan Hacking Web App Attack
🇧🇪 cmbplf	2024-10-10 13:03:16 (1 year ago)	5 /?ipwqc=acequ (2mos1w3d)	Brute-Force Bad Web Bot
🇳🇱 Linuxmalwarehuntingnl	2024-07-03 08:59:29 (1 year ago)	Unauthorized connection attempt	Brute-Force
🇺🇸 bigscoots.com	2024-05-30 20:27:59 (2 years ago)	(smtpauth) Failed SMTP AUTH login from 188.126.94.57 (DK/Denmark/-): 5 in the last 3600 secs; Ports: ... show more (smtpauth) Failed SMTP AUTH login from 188.126.94.57 (DK/Denmark/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2024-05-30 16:26:44 dovecot_login authenticator failed for (Cc2Ih4lNXL) [188.126.94.57]:57889: 535 Incorrect authentication data (set_id=contact) 2024-05-30 16:26:55 dovecot_login authenticator failed for (JJgwCiN) [188.126.94.57]:58321: 535 Incorrect authentication data (set_id=contact) 2024-05-30 16:27:17 dovecot_login authenticator failed for (gNsvTAH) [188.126.94.57]:59003: 535 Incorrect authentication data (set_id=contact) 2024-05-30 16:27:38 dovecot_login authenticator failed for (35Dy7u) [188.126.94.57]:60258: 535 Incorrect authentication data (set_id=contact) 2024-05-30 16:27:58 dovecot_login authenticator failed for (T2GJhu) [188.126.94.57]:61421: 535 Incorrect authentication data (set_id=contact) show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-05-16 20:12:55 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 188.126.94.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 188.126.94.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 16 16:12:50.615690 2024] [security2:error] [pid 21092:tid 47208965654272] [client 188.126.94.57:34650] [client 188.126.94.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "infectioncontrolsys.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "ZkZowjxolS9o5B9m7Hc7qwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-05-16 10:31:38 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 188.126.94.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 188.126.94.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 16 06:31:33.015727 2024] [security2:error] [pid 10871] [client 188.126.94.57:53546] [client 188.126.94.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meatinglive.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "ZkXghd4SKtXZvgDZqynnyQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-05-16 09:40:14 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 188.126.94.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 188.126.94.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 16 05:40:05.794932 2024] [security2:error] [pid 1792967] [client 188.126.94.57:59602] [client 188.126.94.57] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.visiontours.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "ZkXUddCliuzXg35zrXbXNAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Marcello	2024-05-16 05:57:00 (2 years ago)	188.126.94.57 - - [14/May/2024:13:56:02 +0200] "GET /mah.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Win ... show more 188.126.94.57 - - [14/May/2024:13:56:02 +0200] "GET /mah.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36" "-" : 3346 x : 188.126.94.57 - - [14/May/2024:13:59:19 +0200] "GET http://n1.n2.n3.n4/blog/2020/09/30/piam-expresses-profound-disappointment-at-myccs-decision/wp-content/ HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0" show less	Brute-Force Web App Attack

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4880:6000::78

🇰🇷 218.146.133.117

🇺🇸 216.25.89.82

🇳🇱 204.76.203.81

🇬🇧 188.166.169.66

🇬🇧 188.166.152.80

🇳🇱 188.166.125.199

🇳🇱 188.166.121.131

🇫🇮 172.217.37.145

🇯🇵 139.162.66.65

🇩🇪 130.12.182.143

🇨🇳 117.72.157.214

🇨🇳 110.253.225.168

🇺🇸 76.79.213.69

🇳🇱 45.148.10.152

🇨🇳 42.54.239.113

🇺🇸 34.11.8.82

🇯🇵 8.216.13.122

🇰🇷 218.146.45.68

🇳🇱 188.166.101.149