JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.23.204.164

94.23.204.164 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 75%: ?

75%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	OVH SAS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	ns3040214.ip-94-23-204.eu
Domain Name	ovh.net
Country	🇫🇷 France
City	Lille, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.23.204.164

Whois 94.23.204.164

IP Abuse Reports for 94.23.204.164:

This IP address has been reported a total of 18 times from 13 distinct sources. 94.23.204.164 was first reported on June 10th 2026, and the most recent report was 11 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 08:13:46 (11 minutes ago)	(mod_security) mod_security (id:225170) triggered by 94.23.204.164 (ns3040214.ip-94-23-204.eu): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 94.23.204.164 (ns3040214.ip-94-23-204.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:13:38.573801 2026] [security2:error] [pid 3280:tid 3280] [client 94.23.204.164:54426] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|edgebiopharma.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "edgebiopharma.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ajZLsn-o-1hmqdpFKQl-HAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-20 03:08:13 (5 hours ago)	Attac	Brute-Force
🇺🇸 xmission.com	2026-06-19 15:56:39 (16 hours ago)	Blocked by UFW (TCP on 1) Source port: 47754 TTL: 50 Packet length: 60 TOS: 0x00 This report (for 9 ... show more Blocked by UFW (TCP on 1) Source port: 47754 TTL: 50 Packet length: 60 TOS: 0x00 This report (for 94.23.204.164) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-19 11:40:57 (20 hours ago)	(mod_security) mod_security (id:225170) triggered by 94.23.204.164 (ns3040214.ip-94-23-204.eu): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 94.23.204.164 (ns3040214.ip-94-23-204.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 07:40:50.744024 2026] [security2:error] [pid 27170:tid 27180] [client 94.23.204.164:50540] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|leaderoftheopposition.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "leaderoftheopposition.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajUqwq1jo4Si24oGBAOsvgAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2026-06-19 09:14:12 (23 hours ago)	Form spam	Web Spam
🇩🇪 LRob.fr	2026-06-19 03:45:03 (1 day ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-06-18 18:32:03 (1 day ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇷🇴 eddy.ro	2026-06-18 13:11:12 (1 day ago)	[Thu Jun 18 16:11:10.541109 2026] [php:error] [pid 2222088] [client 94.23.204.164:40128] script '/va ... show more [Thu Jun 18 16:11:10.541109 2026] [php:error] [pid 2222088] [client 94.23.204.164:40128] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 16:11:10.729826 2026] [php:error] [pid 2222088] [client 94.23.204.164:40128] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 16:11:10.933029 2026] [php:error] [pid 2222088] [client 94.23.204.164:40128] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 16:11:11.138921 2026] [php:error] [pid 2222088] [client 94.23.204.164:40128] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 16:11:11.344464 2026] [php:error] [pid 2222088] [client 94.23.204.164:40128] script '/var/www/html/index.php' not found or unable to stat [Thu Jun 18 16:11:11.539909 2026] [php:error] [pid 2222088] [client 94.23.204.164:40128] script '/var/www/html/index.php' not found or unable to stat ... show less	DDoS Attack Web App Attack
🇩🇪 LRob.fr	2026-06-18 03:15:02 (2 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 CK_beats	2026-06-17 21:05:03 (2 days ago)	Blocked by os-abuseipdb on OPNsense firewall KN-FW01; 8 hits, proto=tcp, ports=80	Port Scan Hacking
🇺🇸 xmission.com	2026-06-17 16:29:19 (2 days ago)	Blocked by UFW (TCP on 49919) Source port: 37524 TTL: 51 Packet length: 60 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 49919) Source port: 37524 TTL: 51 Packet length: 60 TOS: 0x00 This report (for 94.23.204.164) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 LRob.fr	2026-06-16 20:45:02 (3 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-06-16 10:39:42 (3 days ago)	Fail2Ban banned 94.23.204.164 for security violations in jail wp-armour. Log: 2026/06/16 10:39:42 [e ... show more Fail2Ban banned 94.23.204.164 for security violations in jail wp-armour. Log: 2026/06/16 10:39:42 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 94.23.204.164 \| Target: wplogin" , client: 94.23.204.164, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇩🇪 Spiderpiggy	2026-06-16 09:21:56 (3 days ago)	Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoi ... show more Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoint: /.aws show less	Brute-Force Bad Web Bot SSH
🇦🇺 screwlooseit.com.au	2026-06-15 23:05:06 (4 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC FR/France/ns3040214.ip-94-23-204.eu	Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 185.216.32.166

🇭🇰 129.226.114.61

🇩🇪 103.75.199.4

🇹🇼 61.220.235.10

🇳🇱 51.15.19.159

🇳🇱 45.148.10.157

🇩🇪 44.144.146.120

🇩🇪 213.209.159.235

🇧🇷 177.207.250.1

🇰🇷 121.142.119.77

🇵🇪 38.43.145.9

🇬🇧 35.203.211.124

🇺🇸 172.239.64.84

🇺🇸 172.236.239.55

🇨🇳 117.62.22.127

🇳🇱 91.92.42.195

🇫🇷 85.217.140.38

🇱🇹 81.30.98.49

🇷🇴 80.94.92.187

🇳🇱 77.83.39.14