JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.113.106.4

194.113.106.4 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 0%: ?

ISP	AEZA GROUP Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS216246
Domain Name	aeza.ru
Country	🇷🇺 Russian Federation
City	Moscow, Moscow

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.113.106.4

Whois 194.113.106.4

IP Abuse Reports for 194.113.106.4:

This IP address has been reported a total of 37 times from 25 distinct sources. 194.113.106.4 was first reported on March 17th 2026, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-27 10:08:21 (2 months ago)	"GET /backup.sql HTTP/1.1"	Hacking Web App Attack
🇬🇧 openstrike.co.uk	2026-03-27 06:15:37 (2 months ago)	18 attacks on env grabbing URLs, config grabbing URLs (type 2), VC URLs, site downloads: GET /.env.p ... show more 18 attacks on env grabbing URLs, config grabbing URLs (type 2), VC URLs, site downloads: GET /.env.production HTTP/1.1 GET /secrets.json HTTP/1.1 GET /.git/config HTTP/1.1 GET /db.sql HTTP/1.1 show less	Hacking
Anonymous	2026-03-27 01:30:12 (2 months ago)	Bot / seems abusive / Apache connections: 39	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 23:24:05 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 194.113.106.4 (ashamedbrown.ptr.network): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 194.113.106.4 (ashamedbrown.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 19:23:57.571332 2026] [security2:error] [pid 26056:tid 26056] [client 194.113.106.4:62210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.powerkiteforum.com"] [uri "/.env.local"] [unique_id "acXADcNBkb9Jk8CnOZfwiAAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-03-26 23:08:25 (2 months ago)	Excessive multi-domain requests	Brute-Force
🇩🇪 LRob.fr	2026-03-26 22:00:18 (2 months ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇳🇱 MyGlobalFlowers	2026-03-26 20:01:32 (2 months ago)	Multiple WAF Violations	Web App Attack
🇧🇪 voormedia	2026-03-26 19:49:36 (2 months ago)	Accessed trap at '/.env'	Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 18:17:38 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 194.113.106.4 (ashamedbrown.ptr.network): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 194.113.106.4 (ashamedbrown.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 14:17:33.027347 2026] [security2:error] [pid 8626:tid 8626] [client 194.113.106.4:57843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "suffe.cool"] [uri "/.env"] [unique_id "acV4PUq7P_033FDDbfjNpgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-03-26 13:43:47 (2 months ago)	Multiple WAF Violations	Web App Attack
🇲🇾 Rizzy	2026-03-26 13:01:38 (2 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 12:39:36 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 194.113.106.4 (ashamedbrown.ptr.network): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 194.113.106.4 (ashamedbrown.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 08:39:29.336268 2026] [security2:error] [pid 8064:tid 8064] [client 194.113.106.4:51174] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sigridsnaturalfoods.com"] [uri "/.env"] [unique_id "acUpAfm2zJQCnoaLEgVFIAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-03-26 10:30:09 (2 months ago)	Accessed trap at '/.git/config'	Web App Attack
🇺🇸 TPI-Abuse	2026-03-26 09:22:08 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 194.113.106.4 (ashamedbrown.ptr.network): 1 in ... show more (mod_security) mod_security (id:210492) triggered by 194.113.106.4 (ashamedbrown.ptr.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 05:21:58.642005 2026] [security2:error] [pid 13147:tid 13170] [client 194.113.106.4:53207] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "okorganicgardening.org"] [uri "/.env"] [unique_id "acT6ttB5USEkKyJAxbkEpAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-26 09:00:28 (2 months ago)	194.113.106.4 - - [26/Mar/2026:10:00:27 +0100] "GET /.git/config HTTP/1.1" 403 180 "-" "Mozilla/5.0 ... show more 194.113.106.4 - - [26/Mar/2026:10:00:27 +0100] "GET /.git/config HTTP/1.1" 403 180 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 194.113.106.4 - - [26/Mar/2026:10:00:27 +0100] "GET /backup.sql HTTP/1.1" 200 14305 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 194.113.106.4 - - [26/Mar/2026:10:00:27 +0100] "GET /dump.sql HTTP/1.1" 200 14305 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 154.221.25.72

🇺🇸 74.79.243.6

🇰🇷 211.106.137.135

🇯🇵 152.32.146.235

🇻🇳 103.77.242.153

🇮🇷 80.191.135.13

🇧🇷 2a09:bac5:aa0:2555::3b8:49

🇮🇳 2404:6800:4000:100c::12b

🇬🇧 193.163.125.163

🇻🇳 171.243.150.209

🇫🇷 155.117.233.15

🇮🇳 125.23.155.110

🇲🇦 81.192.46.32

🇷🇴 2.57.121.112

🇧🇷 200.155.66.2

🇬🇧 195.206.182.199

🇩🇪 194.88.98.86

🇺🇸 172.173.200.62

🇨🇳 114.67.232.93

🇮🇳 103.80.199.51