JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.141.160.116

94.141.160.116 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	Frankfurt, Germany
Usage Type	Data Center/Web Hosting/Transit
ASN	AS215590
Domain Name	xorek.cloud
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.141.160.116

Whois 94.141.160.116

IP Abuse Reports for 94.141.160.116:

This IP address has been reported a total of 7 times from 5 distinct sources. 94.141.160.116 was first reported on August 8th 2024, and the most recent report was 10 months ago.

Old Reports: The most recent abuse report for this IP address is from 10 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Joe-Mark	2025-07-29 07:21:30 (10 months ago)	Found Repeated attacks against our network . proto=tcp . spt=48844 . dpt=25 . NFTABLES . I ... show more Found Repeated attacks against our network . proto=tcp . spt=48844 . dpt=25 . NFTABLES . IP2Location flagged as Proxy (CXXII) show less	Email Spam
🇬🇧 gaztronics	2025-07-29 06:42:01 (10 months ago)	2025-07-29T06:41:54.958850 liberator sendmail[879166]: 56T6f4nH879166: [94.141.160.116] did not issu ... show more 2025-07-29T06:41:54.958850 liberator sendmail[879166]: 56T6f4nH879166: [94.141.160.116] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA ... show less	Brute-Force
🇬🇧 Joe-Mark	2025-07-25 12:11:48 (10 months ago)	spamassassin with scrollout configs . Compliance Notice: Unverified Accounts May Be Limited . (banki ... show more spamassassin with scrollout configs . Compliance Notice: Unverified Accounts May Be Limited . ([email protected]) . RCVD IN BL SPAMCOP NET[1.2] . RCVD IN ANONMAILS[3.0] . RCVD IN AMI BLACK[9.0] . RCVD IN AMI DYN[9.0] . URIBL ABUSE SURBL[1.9] . BL 3 POLSPAM PL[1.0] . BL 2 POLSPAM PL[1.5] . BL 1 POLSPAM PL[2.0] . RCVD IN HOSTKARMA BL[2.5] . RCVD IN BRUKALAI BLACK[2.1] . RCVD IN GBUDB[5.0] . INTERSERVER DNSBL[3.4] . SEM MONTH[1.0] . SO PUB URIBL NS 40[2.0] . MIME HTML MOSTLY[0.1] . MPART ALT DIFF[0.7] . DKIM SIGNED[0.1] . DKIM VALID AU[-0.1] . DKIM VALID EF[-0.1] . DKIM VALID[-0.1] . RAZOR2 CF RANGE 51 100[2.4] . RAZOR2 CHECK[1.7] show less	Email Spam
🇩🇪 Packets-Decreaser.NET	2024-08-10 00:40:37 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2024-08-09 20:08:42 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 94.141.160.116 (236450.xorek.cloud): 1 in the l ... show more (mod_security) mod_security (id:240335) triggered by 94.141.160.116 (236450.xorek.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 16:08:33.545674 2024] [security2:error] [pid 32023:tid 32023] [client 94.141.160.116:42992] [client 94.141.160.116] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.141.160.116 (+1 hits since last alert)\|rotentendales.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rotentendales.com"] [uri "/xmlrpc.php"] [unique_id "ZrZ3QUxNPrhk5rmiKXNhHgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 02:37:01 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 94.141.160.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 94.141.160.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 22:36:53.460375 2024] [security2:error] [pid 16626:tid 16626] [client 94.141.160.116:38622] [client 94.141.160.116] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.141.160.116 (+1 hits since last alert)\|www.vangentholding.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.vangentholding.com"] [uri "/xmlrpc.php"] [unique_id "ZrWAxfY6HEgZmAV31jc7fwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-08 20:49:49 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.228.106

🇳🇱 176.65.148.58

🇺🇸 172.202.122.207

🇨🇳 171.216.138.146

🇺🇸 151.246.213.132

🇺🇸 150.107.38.203

🇺🇸 104.234.208.37

🇮🇳 103.175.8.3

🇧🇩 103.142.69.89

🇷🇴 80.96.70.56

🇩🇪 69.5.169.28

🇸🇬 43.128.113.103

🇨🇳 222.219.232.57

🇨🇴 191.104.146.221

🇨🇱 186.104.186.97

🇩🇪 185.242.3.195

🇺🇸 185.191.171.15

🇫🇷 185.177.72.51

🇺🇸 147.185.132.93

🇧🇩 103.140.64.130