JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.249.222.106

94.249.222.106 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	Funknetz HG Wireless
Usage Type	Data Center/Web Hosting/Transit
ASN	AS197549
Domain Name	funknetz-hg.de
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.249.222.106

Whois 94.249.222.106

IP Abuse Reports for 94.249.222.106:

This IP address has been reported a total of 11 times from 3 distinct sources. 94.249.222.106 was first reported on June 10th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2024-10-18 11:13:18 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-10-15 06:59:21 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 15 02:59:14.621326 2024] [security2:error] [pid 25611:tid 25724] [client 94.249.222.106:60879] [client 94.249.222.106] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.222.106 (+1 hits since last alert)\|www.killasgarage.bike\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.killasgarage.bike"] [uri "/xmlrpc.php"] [unique_id "Zw4Swn8Laosf97hpcxM5ygAAAU0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-09-03 21:57:26 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 17:57:19.264316 2024] [security2:error] [pid 14407:tid 14407] [client 94.249.222.106:45303] [client 94.249.222.106] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.222.106 (+1 hits since last alert)\|www.havilahmalone.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.havilahmalone.com"] [uri "/xmlrpc.php"] [unique_id "ZteGP3jryUg5NPKqnAe9_wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-19 08:13:15 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 19 04:13:09.781497 2024] [security2:error] [pid 17330:tid 17352] [client 94.249.222.106:58303] [client 94.249.222.106] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.222.106 (+1 hits since last alert)\|rockabyecotons.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rockabyecotons.com"] [uri "/xmlrpc.php"] [unique_id "ZsL-lcSYp4m6rbL1AwSDlgAAAFQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 05:43:16 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 01:43:12.057099 2024] [security2:error] [pid 3276369:tid 3276390] [client 94.249.222.106:50297] [client 94.249.222.106] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.222.106 (+1 hits since last alert)\|www.rpiusa.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rpiusa.net"] [uri "/xmlrpc.php"] [unique_id "ZrWscGGa_Ad0l16a1OJo2gAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-22 21:39:02 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 22 17:38:58.610996 2024] [security2:error] [pid 1357226:tid 1357226] [client 94.249.222.106:37501] [client 94.249.222.106] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.222.106 (+1 hits since last alert)\|www.ixd.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.ixd.net"] [uri "/xmlrpc.php"] [unique_id "Zp7Rcs-M81w2xOMTKGqqJQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Linuxmalwarehuntingnl	2024-07-01 10:53:04 (1 year ago)	Unauthorized connection attempt	Brute-Force
Anonymous	2024-07-01 08:11:12 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-06-18 10:48:35 (2 years ago)	(mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 18 06:48:28.006369 2024] [security2:error] [pid 17995] [client 94.249.222.106:58219] [client 94.249.222.106] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.222.106 (+1 hits since last alert)\|www.heatherweathers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.heatherweathers.com"] [uri "/xmlrpc.php"] [unique_id "ZnFl_I-2krWzg9UNdwaTnQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-06-14 00:45:19 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-06-10 22:16:22 (2 years ago)	(mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 94.249.222.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 10 18:16:17.821287 2024] [security2:error] [pid 3869:tid 47608351999744] [client 94.249.222.106:36283] [client 94.249.222.106] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 94.249.222.106 (+1 hits since last alert)\|cocoonprojects.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cocoonprojects.com"] [uri "/xmlrpc.php"] [unique_id "Zmd7MTkZPqClnIDF6cJ2_wAAAc4"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 144.126.135.187

🇻🇳 125.212.244.35

🇧🇩 103.169.161.70

🇲🇽 189.245.255.72

🇳🇱 176.65.139.218

🇨🇳 110.249.201.72

🇭🇰 103.149.26.230

🇦🇲 82.199.197.245

🇰🇼 62.150.237.107

🇻🇳 27.71.230.31

🇦🇺 202.7.251.6

🇸🇬 185.200.116.71

🇺🇸 149.13.10.158

🇺🇸 148.153.56.174

🇿🇦 102.64.37.46

🇺🇸 66.132.172.234

🇫🇷 46.105.62.253

🇹🇭 202.29.220.6

🇹🇼 198.235.24.65

🇧🇷 179.222.165.3