JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.102.113.102

185.102.113.102 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 19%: ?

19%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Newark, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.102.113.102

Whois 185.102.113.102

IP Abuse Reports for 185.102.113.102:

This IP address has been reported a total of 23 times from 11 distinct sources. 185.102.113.102 was first reported on August 7th 2024, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-09 03:08:47 (5 days ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-05-30 02:26:24 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 185.102.113.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.102.113.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 22:26:19.284518 2026] [security2:error] [pid 30709:tid 30709] [client 185.102.113.102:53369] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahpKy8TRAFcHpOn1qoS88QAAAA8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 02:22:08 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 185.102.113.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.102.113.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 22:22:04.559394 2026] [security2:error] [pid 25356:tid 25356] [client 185.102.113.102:43723] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|berksoft.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "berksoft.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahOyTEFbV3l-cSBFPYWLCwAAAA8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nationaleventpros.com	2026-05-20 05:26:48 (3 weeks ago)	WordPress login attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-05-08 16:44:03 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 185.102.113.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.102.113.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 12:43:56.776979 2026] [security2:error] [pid 7652:tid 7652] [client 185.102.113.102:42009] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|PamelaLambert.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pamelalambert.com"] [uri "/wp-json/wp/v2/users"] [unique_id "af4SzG3iFpnP-okHwycgYAAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-02-19 16:05:08 (3 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-17 16:50:21 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-04-19 10:02:36 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-16 08:00:21 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-14 12:16:11 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-08 15:33:05 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-06 09:44:06 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-03-02 23:24:42 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 185.102.113.102 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.102.113.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 02 18:24:37.058819 2025] [security2:error] [pid 13276:tid 13276] [client 185.102.113.102:38739] [client 185.102.113.102] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greatwesternfirearms.deubellzebub.com"] [uri "/.env"] [unique_id "Z8TotWSPDpM55Ndd13TpOgAAAAE"], referer: https://tasamm.com/about/ggg34.html show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-09 17:55:27 (1 year ago)	wordpress-trap	Web App Attack
🇦🇺 MAGIC	2025-02-07 08:10:16 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 87.115.211.6

🇮🇳 182.95.186.22

🇺🇸 167.172.133.162

🇸🇬 167.172.77.130

🇩🇪 165.245.240.3

🇨🇳 121.57.181.182

🇨🇳 114.224.199.149

🇨🇳 113.221.99.239

🇦🇺 103.216.220.184

🇷🇴 92.118.39.214

🇫🇷 84.247.132.245

🇩🇪 83.135.178.172

🇺🇸 72.56.41.50

🇺🇸 20.65.192.98

🇰🇷 211.254.212.59

🇰🇷 211.46.188.16

🇳🇱 188.166.68.252

🇻🇳 180.93.43.226

🇯🇴 176.28.253.172

🇵🇰 175.107.1.19