JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.212.115.160

185.212.115.160 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 20%: ?

20%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.212.115.160

Whois 185.212.115.160

IP Abuse Reports for 185.212.115.160:

This IP address has been reported a total of 21 times from 15 distinct sources. 185.212.115.160 was first reported on January 18th 2023, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 20:31:20 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 185.212.115.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.212.115.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 16:31:13.349889 2026] [security2:error] [pid 23159:tid 23165] [client 185.212.115.160:64127] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|oswgr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oswgr.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai8PkXKCvFwgRQjMpT7REQAAAEM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 12:14:28 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 185.212.115.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 185.212.115.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:14:23.416568 2026] [security2:error] [pid 28330:tid 28330] [client 185.212.115.160:24371] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|muebleriamac.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "muebleriamac.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiv4H0S1zAMdab20PZ7KyAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Oakley	2026-05-18 12:28:39 (1 month ago)	(mod_security) mod_security (id:900178) triggered by 185.212.115.160 (US/United States/-): 5 in the ... show more (mod_security) mod_security (id:900178) triggered by 185.212.115.160 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇬🇧 relianoid.com	2026-05-11 13:03:18 (1 month ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2026-05-07 12:09:33 (1 month ago)	Forum/form spam	Web Spam
🇫🇷 masterguru	2026-05-01 00:57:56 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.212.115.160 (FI/Finland/-): 1 in ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.212.115.160 (FI/Finland/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-04-29 04:28:17 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 185.212.115.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 185.212.115.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 00:28:11.447050 2026] [security2:error] [pid 20599:tid 20599] [client 185.212.115.160:41607] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.fromsaintlouis.banis-associates.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fromsaintlouis.banis-associates.com"] [uri "/s3cmd.ini"] [unique_id "afGI26fU6ksz2efDgvjECwAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 21:04:42 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 185.212.115.160 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 185.212.115.160 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 17:04:36.968280 2026] [security2:error] [pid 18554:tid 18554] [client 185.212.115.160:34203] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|wizardswekshop.esneuro.net\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wizardswekshop.esneuro.net"] [uri "/s3cmd.ini"] [unique_id "afEg5FARfPQgcUh6MeaMRQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2026-04-18 13:08:22 (2 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -51.999 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -51.999 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.1742.1 show less	Web App Attack Bad Web Bot
🇨🇭 backslash	2026-04-16 14:27:00 (2 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇮🇪 Coolnagour	2026-03-20 17:17:00 (3 months ago)	http-probing: /wp-json/wp/v2/users	Web App Attack
🇨🇿 krok141	2026-03-11 13:26:00 (3 months ago)		Bad Web Bot Web App Attack
🇨🇭 backslash	2025-11-19 22:20:07 (7 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-11-17 16:50:56 (7 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇮🇩 BPS-StatisticsIndonesia	2025-04-01 15:37:31 (1 year ago)	WP Login Scan Activities	Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇴 181.59.2.111

🇺🇸 45.80.105.237

🇻🇪 200.75.125.68

🇪🇸 188.241.102.183

🇫🇷 152.228.135.83

🇳🇱 86.93.14.13

🇷🇴 80.94.92.120

🇬🇧 45.82.76.102

🇸🇬 4.194.31.84

🇵🇱 195.116.145.127

🇧🇷 191.5.176.105

🇲🇽 187.175.62.190

🇧🇷 187.49.63.41

🇳🇱 176.65.149.180

🇨🇮 160.120.220.32

🇻🇳 103.75.185.95

🇹🇷 78.190.13.69

🇨🇳 60.172.168.136

🇺🇸 47.251.55.135

🇸🇬 47.128.23.126