JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.212.115.220

185.212.115.220 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 16%: ?

16%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.212.115.220

Whois 185.212.115.220

IP Abuse Reports for 185.212.115.220:

This IP address has been reported a total of 14 times from 7 distinct sources. 185.212.115.220 was first reported on November 14th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Ba-Yu	2026-05-21 18:22:54 (1 month ago)	WordPress hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 21:28:52 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 185.212.115.220 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.212.115.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:28:43.362655 2026] [security2:error] [pid 11490:tid 11490] [client 185.212.115.220:45631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "epetsure.co"] [uri "/wp-config.php.dist"] [unique_id "ag4ni5qeOkhz-J-a1hKENwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Kreapptivo	2026-05-20 21:25:08 (1 month ago)	[20/May/2026:23:25:07 +0200] Web-Request: "HEAD /wp-login.php", User-Agent: "Go-http-client/1.1"	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 15:34:36 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 185.212.115.220 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.212.115.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 11:34:31.303125 2026] [security2:error] [pid 3555:tid 3555] [client 185.212.115.220:47317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "site.ablogisticsgroup.com"] [uri "/wp-config.php.orig"] [unique_id "ag3Uh4MUY73tb4peDg_JcAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 14:52:55 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 185.212.115.220 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.212.115.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 10:52:49.728453 2026] [security2:error] [pid 10860:tid 10860] [client 185.212.115.220:46259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pixelspective.com"] [uri "/wp-config.php.bak"] [unique_id "ag3KwdNI9MOb8Krk1gfAlAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 12:18:05 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 185.212.115.220 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.212.115.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 08:17:57.285466 2026] [security2:error] [pid 15221:tid 15221] [client 185.212.115.220:59939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drgracetomastolentino.com"] [uri "/wp-config.txt"] [unique_id "ag2mdRd04yCW68c7s_EcSQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-05-17 18:06:01 (1 month ago)	(modsecurity) srv104 ModSecurity 185.212.115.220 (NL/The Netherlands/-): 10 in the last 3600 secs; P ... show more (modsecurity) srv104 ModSecurity 185.212.115.220 (NL/The Netherlands/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:00:54 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 oncord	2025-05-13 11:54:20 (1 year ago)	Form spam	Web Spam
🇦🇺 oncord	2025-03-31 23:25:17 (1 year ago)	Form spam	Web Spam
🇺🇸 oncord	2025-03-15 18:13:19 (1 year ago)	Form spam	Web Spam
🇺🇸 oncord	2025-02-26 19:31:39 (1 year ago)	Form spam	Web Spam
🇦🇺 oncord	2025-02-16 02:39:01 (1 year ago)	Form spam	Web Spam
Anonymous	2024-11-14 12:59:02 (1 year ago)	Brute force attempt to access portal using various usernames	Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 139.162.131.127

🇲🇦 105.159.243.172

🇺🇸 64.62.197.232

🇮🇳 14.194.125.58

🇺🇸 3.92.68.89

🇲🇽 187.190.35.163

🇬🇧 185.127.71.170

🇻🇳 171.231.190.102

🇬🇧 147.148.205.252

🇺🇸 135.234.85.209

🇩🇪 69.5.169.240

🇩🇪 69.5.169.137

🇺🇸 52.173.130.64

🇫🇮 35.228.156.60

🇨🇳 218.106.33.54

🇬🇧 217.146.80.107

🇩🇪 148.251.47.87

🇺🇸 148.153.139.130

🇺🇸 147.185.132.75

🇮🇳 122.170.198.250