JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.102.112.118

185.102.112.118 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 5%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Newark, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.102.112.118

Whois 185.102.112.118

IP Abuse Reports for 185.102.112.118:

This IP address has been reported a total of 15 times from 8 distinct sources. 185.102.112.118 was first reported on March 19th 2022, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-20 02:50:29 (9 hours ago)	(mod_security) mod_security (id:225170) triggered by 185.102.112.118 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.102.112.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 22:50:23.795552 2026] [security2:error] [pid 26367:tid 26367] [client 185.102.112.118:25887] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|carterslawncare.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "carterslawncare.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajX_70CJya6TFHcjMHgNRwAAAB8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 18:23:27 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 185.102.112.118 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.102.112.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 14:23:21.539672 2026] [security2:error] [pid 2061:tid 2061] [client 185.102.112.118:13161] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sisix.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sisix.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajWJGf0YhJhEJr6tSiCx8AAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-17 16:50:35 (7 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-09-04 19:32:25 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 185.102.112.118 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 185.102.112.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 04 15:32:17.601682 2025] [security2:error] [pid 19030:tid 19030] [client 185.102.112.118:45553] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|sharkfamily.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "sharkfamily.com"] [uri "/"] [unique_id "aLnpQQuDTAjnKZwXijOqfAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-02 12:45:11 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-21 10:52:44 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-18 13:54:09 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-12 03:11:36 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-09 08:28:19 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇿 lp	2025-02-13 20:49:53 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 185.102.112.118 2025-02-13T20:27:30+0 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 185.102.112.118 2025-02-13T20:27:30+01:00 vpn Access-Reject 'glennwei' station: 185.102.112.118 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-02-11 22:22:06 (1 year ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 185.102.112.118 2025-02-11T21:45:22+0 ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 185.102.112.118 2025-02-11T21:45:22+01:00 vpn Access-Reject 'ster' station: 185.102.112.118 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-02-11T21:50:08+01:00 vpn Access-Reject 'library' station: 185.102.112.118 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇵🇱 rafix	2023-10-28 10:19:15 (2 years ago)	Scrapping website, using diffrent useragents, not wait for response, #botnet20231026	DDoS Attack Bad Web Bot
🇬🇧 Keratin	2023-05-18 08:56:43 (3 years ago)	Possible web app exploitation	Brute-Force Web App Attack
🇳🇱 true.nl	2022-06-24 11:57:00 (3 years ago)	IP participated in a http flood ddos attack against 87.233.198.20	DDoS Attack
Anonymous	2022-03-19 22:30:00 (4 years ago)	Password Spary Attack	Brute-Force Exploited Host

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 210.71.213.8

🇧🇷 191.35.128.147

🇷🇴 80.94.92.178

🇺🇿 194.107.115.199

🇩🇪 167.233.22.224

🇳🇱 160.119.76.57

🇺🇸 136.111.69.131

🇨🇳 111.53.144.4

🇵🇰 110.38.240.6

🇩🇪 69.5.169.229

🇩🇪 69.5.169.6

🇳🇱 45.148.10.151

🇮🇩 2404:c0:a302:b8ac:fc89:5ac4:2fc4:5e97

🇷🇺 212.14.196.34

🇬🇧 195.206.182.209

🇳🇱 91.92.40.124

🇫🇷 85.217.140.10

🇺🇸 47.251.98.151

🇧🇩 202.84.34.85

🇨🇱 200.89.69.247