JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 162.214.80.85

162.214.80.85 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 0%: ?

ISP	Unified Layer
Usage Type	Content Delivery Network
ASN	AS31898
Hostname(s)	sh024.webhostingservices.com
Domain Name	unifiedlayer.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 162.214.80.85

Whois 162.214.80.85

IP Abuse Reports for 162.214.80.85:

This IP address has been reported a total of 89 times from 44 distinct sources. 162.214.80.85 was first reported on January 14th 2021, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2025-12-05 20:10:19 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 SpaceHost-Server	2025-12-04 23:33:23 (6 months ago)		Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-12-04 20:10:16 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇮🇹 LTM	2025-12-04 07:20:01 (6 months ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
🇺🇸 mind5t0rm	2025-12-04 06:40:39 (6 months ago)	(WPLOGIN,XMLRPC) Login failure/trigger from 162.214.80.85 (US/United States/sh024.webhostingservices ... show more (WPLOGIN,XMLRPC) Login failure/trigger from 162.214.80.85 (US/United States/sh024.webhostingservices.com): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 162.214.80.85 - - [04/Dec/2025:12:47:32 +0700] "GET /wp-login.php HTTP/1.1" 301 0 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C; .NET4.0E)" 162.214.80.85 - - [04/Dec/2025:12:47:33 +0700] "POST /wp-login.php HTTP/1.1" 301 0 "https://www.traveldailynews.com/wp-login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; .NET4.0C; .NET4.0E)" 162.214.80.85 - - [04/Dec/2025:13:40:35 +0700] "GET /wp-login.php HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.79 Safari/537.36" show less	Port Scan
🇧🇪 cmbplf	2025-12-04 06:31:48 (6 months ago)	911 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇵🇱 IROK	2025-12-04 06:23:58 (6 months ago)	Malware/WebShell Scan blocked by ModSecurity ...	Hacking
🇫🇷 masterguru	2025-12-04 06:15:43 (6 months ago)	(xmlrpc) Apache: Failed xmlrpc access from 162.214.80.85 (US/United States/sh024.webhostingservices. ... show more (xmlrpc) Apache: Failed xmlrpc access from 162.214.80.85 (US/United States/sh024.webhostingservices.com): 10 in the last 3600 secs (0-196) show less	Hacking
🇺🇸 TPI-Abuse	2025-12-04 05:47:53 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 162.214.80.85 (sh024.webhostingservices.com): 1 ... show more (mod_security) mod_security (id:225170) triggered by 162.214.80.85 (sh024.webhostingservices.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 00:47:48.320324 2025] [security2:error] [pid 22422:tid 22422] [client 162.214.80.85:58950] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.robinsnestingplace.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.robinsnestingplace.net"] [uri "/wp-json/Wp/v2/users"] [unique_id "aTEghIRiGKUcnmZvSe7s5gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2025-12-04 05:07:14 (6 months ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇲🇾 Rizzy	2025-12-04 04:54:05 (6 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-04 02:45:41 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 162.214.80.85 (sh024.webhostingservices.com): 1 ... show more (mod_security) mod_security (id:225170) triggered by 162.214.80.85 (sh024.webhostingservices.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 03 21:45:37.208480 2025] [security2:error] [pid 32442:tid 32464] [client 162.214.80.85:30644] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|iamfluff.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "iamfluff.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aTD10eVpIyJ9cErUfmYUfwAAARQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2025-12-04 01:52:33 (6 months ago)	162.214.80.85 - - [04/Dec/2025:02:52:33 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 162.214.80.85 - - [04/Dec/2025:02:52:33 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36 OPR/52.0.2871.99" show less	Hacking Web App Attack
🇦🇺 MAGIC	2025-12-04 01:00:48 (6 months ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-12-04 00:54:51 (6 months ago)	Failed Wordpress Logins	Web App Attack

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 2c0f:fb50:4001:5::12e

🇺🇸 170.106.193.108

🇫🇷 152.228.217.126

🇺🇸 65.49.1.88

🇺🇸 216.73.160.168

🇷🇺 185.93.108.40

🇭🇰 122.10.115.18

🇻🇳 103.60.242.169

🇺🇸 74.7.241.31

🇩🇪 69.5.169.235

🇩🇪 69.5.169.204

🇺🇸 47.77.199.120

🇳🇱 45.148.10.147

🇸🇬 43.173.132.95

🇳🇱 2a00:1450:4013:c14::122

🇬🇧 195.96.139.43

🇬🇧 172.98.190.132

🇺🇸 129.80.200.33

🇨🇳 117.50.118.246

🇸🇬 114.119.133.125