JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.152.206.113

94.152.206.113 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 100%: ?

100%

ISP	Cyber_Folks S.A.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS29522
Hostname(s)	dedyk110.cyber-folks.pl
Domain Name	cyberfolks.pl
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.152.206.113

Whois 94.152.206.113

IP Abuse Reports for 94.152.206.113:

This IP address has been reported a total of 35 times from 22 distinct sources. 94.152.206.113 was first reported on June 26th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tecnicorioja	2026-06-27 22:01:12 (1 day ago)	wp-login attack [27/Jun/2026:05:32:55	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 08:09:37 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 04:09:32.330795 2026] [security2:error] [pid 16553:tid 16553] [client 94.152.206.113:34210] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.riedmannfamily.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.riedmannfamily.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aj-FPIGw4sUFMDdOTicpfgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-27 07:19:35 (1 day ago)	94.152.206.113 - - [27/Jun/2026:09:19:30 +0200] "GET /wp-login.php HTTP/2.0" 200 3998 "-" "Mozilla/5 ... show more 94.152.206.113 - - [27/Jun/2026:09:19:30 +0200] "GET /wp-login.php HTTP/2.0" 200 3998 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 07:08:37 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 03:08:32.734749 2026] [security2:error] [pid 3445:tid 3445] [client 94.152.206.113:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kirklandhighlands.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kirklandhighlands.org"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aj928H-pNFogASbRUVm3RgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 neo72	2026-06-27 07:01:47 (1 day ago)	Detected malicious activity - bulk block	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 06:45:29 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:45:22.649369 2026] [security2:error] [pid 5430:tid 5452] [client 94.152.206.113:48030] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|testproperty.pref-realestate.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "testproperty.pref-realestate.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aj9xgmIj6kUddDsgMS94VAAAANU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 05:48:30 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 01:48:22.915739 2026] [security2:error] [pid 25552:tid 25552] [client 94.152.206.113:54708] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|proyectando.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "proyectando.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aj9kJvTNNhDcd6D8lFsBggAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ingroscart.it	2026-06-27 03:02:46 (2 days ago)	(wordpress) Failed wordpress login from 94.152.206.113 (PL/Poland/-/-/dedyk110.cyber-folks.pl/[redac ... show more (wordpress) Failed wordpress login from 94.152.206.113 (PL/Poland/-/-/dedyk110.cyber-folks.pl/[redacted]) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-27 02:43:45 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:43:41.201933 2026] [security2:error] [pid 1993:tid 1993] [client 94.152.206.113:53042] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|intrinsicdiscovery.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "intrinsicdiscovery.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aj843Q8Iq2k8cVp_DKhHAgAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇴 SpamStopper	2026-06-27 02:33:49 (2 days ago)	Fail2Ban - WP Spoofing	Port Scan Brute-Force Web App Attack
🇬🇧 poundawebsiteltd	2026-06-27 02:24:56 (2 days ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 94.152.206.113 - - [27/Jun/2026:03:24:50 +0100] ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 94.152.206.113 - - [27/Jun/2026:03:24:50 +0100] POST /wp-login.php HTTP/2.0 200 5415 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0 show less	Web App Attack
Anonymous	2026-06-27 02:20:04 (2 days ago)	Bot / scanning and/or hacking attempts: [2/2] done, GET /wp-login.php HTTP/2.0, POST /wp-login.php H ... show more Bot / scanning and/or hacking attempts: [2/2] done, GET /wp-login.php HTTP/2.0, POST /wp-login.php HTTP/2.0 show less	Hacking Web App Attack
🇺🇸 nyt	2026-06-27 02:08:33 (2 days ago)	Repeated WordPress login POSTs blocked by WAF (3 in 6h)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 01:48:16 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 94.152.206.113 (dedyk110.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 21:48:09.909981 2026] [security2:error] [pid 9170:tid 9170] [client 94.152.206.113:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mail.southernbroadcast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.southernbroadcast.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aj8r2V6ynqv4lerLxX7tEwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-27 01:46:03 (2 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇶 185.194.8.215

🇮🇳 103.199.123.126

🇳🇱 93.123.109.128

🇯🇵 74.176.205.111

🇨🇳 61.28.113.246

🇨🇳 58.34.152.146

🇺🇸 2a01:4ff:f0:974f::1

🇮🇳 202.89.77.65

🇧🇪 198.235.24.180

🇭🇰 150.5.169.176

🇱🇦 103.114.147.217

🇫🇷 85.217.140.47

🇺🇸 50.80.68.188

🇬🇧 18.169.118.65

🇹🇼 198.235.24.41

🇬🇧 193.163.125.37

🇬🇧 188.240.59.14

🇲🇩 185.164.81.156

🇲🇽 177.245.97.49

🇸🇦 143.92.230.234