JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 80.94.95.211

80.94.95.211 was found in our database!

This IP was reported 2,331 times. Confidence of Abuse is 100%: ?

100%

ISP	UNMANAGED LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS204428
Domain Name	unmanaged.uk
Country	🇷🇴 Romania
City	Timisoara, Timis County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 80.94.95.211

Whois 80.94.95.211

IP Abuse Reports for 80.94.95.211:

This IP address has been reported a total of 2,331 times from 590 distinct sources. 80.94.95.211 was first reported on June 21st 2025, and the most recent report was 1 minute ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 McClay	2026-06-03 18:00:43 (3 hours ago)	HTTP-404 spam:80.94.95.211 - - [03/Jun/2026:20:00:39 +0200] "GET /.env HTTP/1.1" 404 1014 "-" "Mozil ... show more HTTP-404 spam:80.94.95.211 - - [03/Jun/2026:20:00:39 +0200] "GET /.env HTTP/1.1" 404 1014 "-" "Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12" 80.94.95.211 - - [03/Jun/2026:20:00:39 +0200] "GET /.env.php HTTP/1.1" 404 209 "-" "Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12" 80.94.95.211 - - [03/Jun/2026:20:00:39 +0200] "GET /.env.sample.php HTTP/1.1" 404 209 "-" "Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12" 80.94.95.211 - - [03/Jun/2026:20:00:39 +0200] "GET /.env.local.php HTTP/1.1" 404 209 "-" "Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12" 80.94.95.211 - - [03/Jun/2026:20:00:40 +0200] "GET /.env.production.php HTTP/1.1" 404 209 "-" "Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12" 80.94.95.211 - - [03/Jun/2026:20:00:40 +0200 ... show less	Web App Attack
🇺🇦 MakselPr	2026-06-03 17:51:39 (3 hours ago)	2026/06/03 20:51:38 [error] 173692#173692: 29024 open() "/etc/nginx/html/cgi-bin/.env" failed (2: N ... show more 2026/06/03 20:51:38 [error] 173692#173692: 29024 open() "/etc/nginx/html/cgi-bin/.env" failed (2: No such file or directory), client: 80.94.95.211, server: , request: "GET /cgi-bin/.env HTTP/1.1", host: "91.196.80.2:80" 2026/06/03 20:51:39 [error] 173692#173692: *29029 open() "/etc/nginx/html/mail/.env" failed (2: No such file or directory), client: 80.94.95.211, server: , request: "GET /mail/.env HTTP/1.1", host: "91.196.80.2:80" ... show less	Brute-Force
🇻🇳 trung.fun	2026-06-03 17:51:10 (3 hours ago)	DDoS, Hack, Brute Force, Web Attack ...	DDoS Attack Web Spam Hacking Brute-Force Web App Attack
🇧🇪 sid3windr	2026-06-03 17:50:25 (3 hours ago)	GET /.env (Tarpitted for , wasted 120B)	Web App Attack
🇩🇪 MusicLibrary	2026-06-03 17:38:21 (4 hours ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇩🇪 fleckenbase	2026-06-03 17:15:15 (4 hours ago)	apache-noscript ...	Brute-Force Web App Attack
🇦🇺 greenhost.com.au	2026-06-03 17:00:07 (4 hours ago)	Automated report: 58 attacks in 24h targeting flightapp via NGINX. NGINX/probe: 58 on flightapp	Web App Attack
🇮🇹 ivanbiagi7	2026-06-03 16:50:18 (4 hours ago)	(localhost/crowdsec) crowdsecurity/http-sensitive-files by ip 80.94.95.211 (RO/204428) : 4h ban on I ... show more (localhost/crowdsec) crowdsecurity/http-sensitive-files by ip 80.94.95.211 (RO/204428) : 4h ban on Ip 80.94.95.211 show less	Web App Attack
🇩🇪 MBombeck	2026-06-03 16:46:14 (5 hours ago)	Fail2Ban: traefik-botsearch on edge-01.ioioio.dev	Port Scan Web App Attack
🇺🇸 anon333	2026-06-03 16:36:13 (5 hours ago)	Invalid HTTP port 80 probes to server T1236	Hacking Exploited Host
🇳🇿 realstuffie	2026-06-03 16:35:23 (5 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇵🇱 alianet	2026-06-03 16:27:47 (5 hours ago)	[Wed Jun 03 04:53:08.148260 2026] [proxy_fcgi:error] [pid 3520499:tid 3520551] [client 80.94.95.211: ... show more [Wed Jun 03 04:53:08.148260 2026] [proxy_fcgi:error] [pid 3520499:tid 3520551] [client 80.94.95.211:8094] AH01071: Got error 'Primary script unknown' [Wed Jun 03 04:53:08.238921 2026] [proxy_fcgi:error] [pid 4111068:tid 4111109] [client 80.94.95.211:8108] AH01071: Got error 'Primary script unknown' [Wed Jun 03 04:53:08.331693 2026] [proxy_fcgi:error] [pid 3519394:tid 3519465] [client 80.94.95.211:8120] AH01071: Got error 'Primary script unknown' [Wed Jun 03 04:53:08.424785 2026] [proxy_fcgi:error] [pid 3519468:tid 3519559] [client 80.94.95.211:8134] AH01071: Got error 'Primary script unknown' [Wed Jun 03 04:53:08.518187 2026] [proxy_fcgi:error] [pid 3520499:tid 3520527] [client 80.94.95.211:8140] AH01071: Got error 'Primary script unknown' [Wed Jun 03 04:53:11.007027 2026] [proxy_fcgi:error] [pid 3519468:tid 3519558] [client 80.94.95.211:8226] AH01071: Got error 'Primary script unknown' [Wed Jun 03 04:53:11.359626 2026] [proxy_fcgi:error] [pid 205763:tid 205799] [client 80.94.95.211:82 ... show less	Port Scan Web App Attack
🇷🇴 StarTech Team	2026-06-03 16:07:19 (5 hours ago)	Web App Atack	Web App Attack
Anonymous	2026-06-03 16:03:33 (5 hours ago)	IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-sensitive-files; Action=ban; Event ... show more IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-sensitive-files; Action=ban; Events=5; Hosts=45.137.198.87:80; Paths=/.env,/.env.php,/.env.sample.php,/config.env,/twilio/.env.php; Country=RO; ASN=204428 SS-Net show less	Hacking Web App Attack
Anonymous	2026-06-03 15:53:09 (5 hours ago)	Reported from Nginx log analysis 11. Log: 80.94.95.211 - - [03/Jun/2026:xx:xx:xx 0200] "GET /.env H ... show more Reported from Nginx log analysis 11. Log: 80.94.95.211 - - [03/Jun/2026:xx:xx:xx 0200] "GET /.env HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20100101 Firefox/11.0" "-" "RO Romania -" "AS204428" "SS-Net" show less	Port Scan Brute-Force SSH

Showing 16 to 30 of 2331 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇾 181.117.188.3

🇫🇷 95.111.240.214

🇨🇳 42.176.125.16

🇧🇷 191.5.154.174

🇳🇱 176.65.139.218

🇧🇬 79.124.62.230

🇮🇳 66.116.205.19

🇸🇬 52.77.243.137

🇬🇪 5.152.112.188

🇲🇽 187.135.0.103

🇺🇾 179.24.6.247

🇸🇦 168.149.25.183

🇺🇸 147.185.132.105

🇳🇱 45.148.10.141

🇮🇹 31.59.89.180

🇨🇳 223.88.60.117

🇩🇪 167.233.26.122

🇩🇪 167.94.145.27

🇮🇱 147.235.219.206

🇫🇷 87.89.31.111