JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.132.187.116

185.132.187.116 was found in our database!

This IP was reported 122 times. Confidence of Abuse is 23%: ?

23%

ISP	Digital Resources Management S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	digitalrm.es
Country	🇧🇪 Belgium
City	Brussels, Brussels Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.132.187.116

Whois 185.132.187.116

IP Abuse Reports for 185.132.187.116:

This IP address has been reported a total of 122 times from 44 distinct sources. 185.132.187.116 was first reported on May 8th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Baking333	2026-06-04 12:32:02 (3 weeks ago)	[redacted] 185.132.187.116 - - [04/Jun/2026:13:31:59 +0100] "GET /.git-audit-probe-9c3dad600c5c3245/ ... show more [redacted] 185.132.187.116 - - [04/Jun/2026:13:31:59 +0100] "GET /.git-audit-probe-9c3dad600c5c3245/HEAD HTTP/1.1" 302 5263 0/110636 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0" [redacted] 185.132.187.116 - - [04/Jun/2026:13:31:59 +0100] "GET /.git/HEAD HTTP/1.1" 302 5263 0/74991 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:140.0) Gecko/20100101 Firefox/140.0" show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 12:29:03 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:28:58.063157 2026] [security2:error] [pid 11522:tid 11522] [client 185.132.187.116:65521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scsurfside.net"] [uri "/.git/"] [unique_id "aiFviiyXBpcmpf-j9kL4TwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 09:39:28 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 05:39:23.369738 2026] [security2:error] [pid 30923:tid 30923] [client 185.132.187.116:20805] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ficklepassion.com"] [uri "/.git/HEAD"] [unique_id "aiFHy81El5Ul8HA8MdvVZQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 08:01:52 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 04:01:49.006574 2026] [security2:error] [pid 16866:tid 16896] [client 185.132.187.116:42107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koublacat.com"] [uri "/.git/HEAD"] [unique_id "aiEw7R5pvNPppI9GXmixGgAAARc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 07:21:17 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:21:11.772159 2026] [security2:error] [pid 16938:tid 16938] [client 185.132.187.116:20545] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rosemeadefarms.com"] [uri "/.git/config"] [unique_id "aiEnZ2gzKrHND9Oo_hWkQQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇿🇦 Tokolosh Hunters	2026-04-30 03:17:38 (1 month ago)	AutoBlockWindow-Known bad useragent query-2026-04-30 03:17:37	Bad Web Bot
🇺🇸 mnsf	2026-04-29 21:05:09 (1 month ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇫🇷 Octopuce	2026-04-29 18:50:34 (1 month ago)	Aggressive web search of vulnerable pages: /wp-content/plugins/elementor/includes/interfaces/about.p ... show more Aggressive web search of vulnerable pages: /wp-content/plugins/elementor/includes/interfaces/about.php /wp-content/plugins/waspthemes-yellow-pe ... show less	Web App Attack
🇺🇸 nyt	2026-04-29 16:59:32 (1 month ago)	404 flood (16/60s), 404 flood (17/60s)	Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-04-29 16:23:04 (1 month ago)	185.132.187.116 - - [29/Apr/2026:19:23:02 +0300] "GET /wp-content/plugins/so-pinyin-slugs/inc/main_j ... show more 185.132.187.116 - - [29/Apr/2026:19:23:02 +0300] "GET /wp-content/plugins/so-pinyin-slugs/inc/main_json.php HTTP/1.1" 404 706 "-" "Go-http-client/1.1" 185.132.187.116 - - [29/Apr/2026:19:23:03 +0300] "GET /wp-content/plugins/WPManager/up.php HTTP/1.1" 404 706 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇸 threatintelligence_bvc	2026-04-25 03:58:27 (2 months ago)		Brute-Force
🇺🇦 URAN Publishing Service	2026-03-25 00:55:56 (3 months ago)	185.132.187.116 - - [25/Mar/2026:02:55:54 +0200] "GET //wp-content/plugins/so-pinyin-slugs/inc/js-in ... show more 185.132.187.116 - - [25/Mar/2026:02:55:54 +0200] "GET //wp-content/plugins/so-pinyin-slugs/inc/js-inc.php HTTP/1.1" 404 272 "-" "Go-http-client/1.1" 185.132.187.116 - - [25/Mar/2026:02:55:55 +0200] "GET //wp-content/plugins/wpcall-button/button-image.php HTTP/1.1" 404 272 "-" "Go-http-client/1.1" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-03-18 01:45:54 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 17 21:45:50.019257 2026] [security2:error] [pid 14661:tid 14661] [client 185.132.187.116:25097] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.robcohn.com"] [uri "/backups/sftp-config.json"] [unique_id "aboDzqv4H1m7zYLXU5n8XQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bescared	2026-03-11 16:42:29 (3 months ago)	F2B - Malicious activity detected. URL Probing.	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-09 15:46:19 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 185.132.187.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 09 11:46:13.087084 2026] [security2:error] [pid 19422:tid 19422] [client 185.132.187.116:52327] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bitcoinsquaretrade.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinsquaretrade.com"] [uri "/sql.sql"] [unique_id "aa7rRXhhthhjO0cOndF2TwAAABs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 122 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.191.48.4

🇺🇸 104.28.152.173

🇹🇷 78.186.54.65

🇺🇸 66.132.186.142

🇺🇸 2607:f8b0:4023:1002::12c

🇧🇷 201.63.223.141

🇲🇰 185.193.240.246

🇺🇸 172.237.155.240

🇭🇰 154.85.54.7

🇳🇱 91.92.40.8

🇷🇺 89.253.44.18

🇸🇮 89.212.116.101

🇺🇸 71.6.134.234

🇺🇸 64.62.156.143

🇺🇸 54.80.141.116

🇺🇸 50.84.211.204

🇬🇧 35.203.210.222

🇬🇧 35.177.31.48

🇺🇸 20.64.105.145

🇺🇸 2607:f8b0:4004:100d::126