JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.33.101.215

94.33.101.215 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 64%: ?

64%

ISP	Open Fiber S.P.A.
Usage Type	Fixed Line ISP
ASN	AS210218
Domain Name	openfiber.it
Country	🇮🇹 Italy
City	Bari, Apulia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.33.101.215

Whois 94.33.101.215

IP Abuse Reports for 94.33.101.215:

This IP address has been reported a total of 10 times from 10 distinct sources. 94.33.101.215 was first reported on June 21st 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-27 13:00:05 (3 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 pltcldvlpr	2026-06-27 11:11:51 (5 hours ago)	CMS/framework probe: 94.33.101.215 - - [27/Jun/2026:13:11:51 +0200] "POST /xmlrpc.php HTTP/1.1" 404 ... show more CMS/framework probe: 94.33.101.215 - - [27/Jun/2026:13:11:51 +0200] "POST /xmlrpc.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 (Windows NT 6.3; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/100.0.0.0 Safari/537.36" asn=210218 org="Open Fiber S.P.A." country=IT ... show less	Web App Attack
🇳🇱 wlt-blocker	2026-06-27 11:07:49 (5 hours ago)	Unauthorized access to webpage admin	Web App Attack
Anonymous	2026-06-27 09:46:40 (6 hours ago)	Attac	Brute-Force
Anonymous	2026-06-27 09:46:23 (6 hours ago)	(wordpress) Failed wordpress login from 94.33.101.215 (IT/Italy/-)	Brute-Force
🇫🇷 Baking333	2026-06-25 16:15:15 (2 days ago)	[redacted] 94.33.101.215 - - [25/Jun/2026:17:15:10 +0100] "POST /[redacted] HTTP/1.1" 405 6367 0/454 ... show more [redacted] 94.33.101.215 - - [25/Jun/2026:17:15:10 +0100] "POST /[redacted] HTTP/1.1" 405 6367 0/45470 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/88.0.0.0 Safari/537.36" [redacted] 94.33.101.215 - - [25/Jun/2026:17:15:13 +0100] "POST /[redacted] HTTP/1.1" 405 6367 0/69364 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-24 17:26:23 (2 days ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 Penny Packer	2026-06-24 17:05:47 (2 days ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 12:17:50 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 94.33.101.215 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 94.33.101.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 08:17:42.981948 2026] [security2:error] [pid 22075:tid 22075] [client 94.33.101.215:62287] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|nextstepplus.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nextstepplus.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajvK5rF2TN2jK6ljgNHdEgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-21 18:07:23 (5 days ago)	[SunJun2120:07:19.4020322026][security2:error][pid1790441:tid1790448][client94.33.101.215:0]ModSecur ... show more [SunJun2120:07:19.4020322026][security2:error][pid1790441:tid1790448][client94.33.101.215:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"server-privato.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajgoVwZYrEr0ZoC2-UbahQAAAAU\"] show less	Hacking Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.102.110.162

🇺🇸 170.130.187.58

🇩🇪 141.11.107.166

🇫🇷 90.84.168.147

🇱🇹 62.60.130.219

🇳🇱 45.148.10.141

🇧🇷 2a09:bac1:1140:b0::4d1:2c

🇭🇰 199.45.154.127

🇬🇧 193.163.125.240

🇺🇸 193.36.225.31

🇷🇺 176.211.42.202

🇺🇸 162.216.150.162

🇫🇮 147.185.133.16

🇰🇷 118.193.69.67

🇳🇱 82.196.1.212

🇩🇪 43.157.98.118

🇺🇸 209.141.41.212

🇩🇪 188.68.47.21

🇸🇳 154.124.16.83

🇺🇸 147.185.132.26