JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.212.115.124

185.212.115.124 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 16%: ?

16%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.212.115.124

Whois 185.212.115.124

IP Abuse Reports for 185.212.115.124:

This IP address has been reported a total of 30 times from 12 distinct sources. 185.212.115.124 was first reported on December 11th 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 nyt	2026-05-22 01:33:01 (3 weeks ago)	WP Config Probe	Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 23:30:41 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.212.115.124 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.212.115.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 19:30:35.764557 2026] [security2:error] [pid 3675:tid 3675] [client 185.212.115.124:55717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fluff2.instagenii.com"] [uri "/wp-config.php.save"] [unique_id "ag-VmxALvhIVHo_IPdsKggAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-05-21 07:06:50 (3 weeks ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 21:26:55 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.212.115.124 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.212.115.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:26:49.710706 2026] [security2:error] [pid 7769:tid 7906] [client 185.212.115.124:54785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pilargarciamanzanares.com.clmtic.net"] [uri "/wp-config.php.old"] [unique_id "ag4nGVFh9dgzLqD9lPDhMgAAApM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 16:14:16 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.212.115.124 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.212.115.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:14:09.062783 2026] [security2:error] [pid 6362:tid 6362] [client 185.212.115.124:27587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stantontownship.org"] [uri "/wp-config.bak"] [unique_id "ag3d0YfagjH_KQWEQ_83dwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-03 11:36:03 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-01-01 03:59:54 (5 months ago)	WP Login Scan Activities	Web App Attack
🇬🇧 Bytemark	2025-12-31 17:30:41 (5 months ago)	185.212.115.124 - - [31/Dec/2025:17:30:39 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.go ... show more 185.212.115.124 - - [31/Dec/2025:17:30:39 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 185.212.115.124 - - [31/Dec/2025:17:30:40 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 185.212.115.124 - - [31/Dec/2025:17:30:40 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-30 20:14:02 (5 months ago)	WP Login Scan Activities	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-12-29 09:02:31 (5 months ago)	WP Login Scan Activities	Web App Attack
🇫🇮 as211431.net	2025-12-27 20:29:18 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from FI. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from FI. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /wp-login.php UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇨🇭 backslash	2025-11-19 21:20:05 (6 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇨🇿 lp	2025-05-13 00:21:31 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 185.212.115.124 2025-05-13T01:00:35+0 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 185.212.115.124 2025-05-13T01:00:35+02:00 vpn Access-Reject 'snedding' station: 185.212.115.124 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇳 ThreatBook.io	2025-05-04 23:32:53 (1 year ago)	2025-05-04 06:33:42 /+CSCOE+/logon.html	Web App Attack
🇩🇪 marzzzello	2025-02-22 06:30:58 (1 year ago)	Ports: 9x 11818	Port Scan

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 8.219.221.108

🇨🇳 219.153.106.29

🇮🇳 157.20.215.123

🇺🇸 147.185.132.114

🇨🇳 106.75.185.126

🇮🇳 103.123.53.88

🇮🇳 103.122.204.70

🇷🇴 80.94.92.187

🇱🇻 217.60.2.243

🇺🇸 165.154.173.226

🇰🇷 122.35.192.61

🇺🇸 104.232.79.58

🇸🇬 103.250.11.63

🇷🇺 77.106.78.215

🇧🇷 45.164.251.106

🇳🇱 213.152.161.54

🇺🇸 136.109.189.37

🇺🇸 136.107.190.95

🇵🇰 124.29.193.114

🇭🇰 103.230.240.59