AbuseIPDB » 185.214.97.252

185.214.97.252 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 36%: ?

36%

ISP	Packethub S.A.
Usage Type	Fixed Line ISP
ASN	AS207137
Domain Name	packethub.net
Country	Spain
City	Barcelona, Catalonia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 185.214.97.252

Whois 185.214.97.252

IP Abuse Reports for 185.214.97.252:

This IP address has been reported a total of 20 times from 12 distinct sources. 185.214.97.252 was first reported on January 10th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Anonymous	2025-03-11 17:02:31 (1 week ago)	Web attack	Bad Web Bot Web App Attack
LRob.fr	2025-02-28 23:00:41 (3 weeks ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
LRob.fr	2025-02-26 23:09:38 (3 weeks ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
robotstxt	2025-02-25 16:42:36 (3 weeks ago)	185.214.97.252 - - [25/Feb/2025:16:42:24 +0000] "POST /wp-json/wp/v2/tags?_locale=user HTTP/2.0" 400 ... show more185.214.97.252 - - [25/Feb/2025:16:42:24 +0000] "POST /wp-json/wp/v2/tags?_locale=user HTTP/2.0" 400 190 "https://www.noudiari.es/wp-admin/post-new.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" 185.214.97.252 - - [25/Feb/2025:16:42:28 +0000] "POST /wp-json/wp/v2/tags?_locale=user HTTP/2.0" 400 190 "https://www.noudiari.es/wp-admin/post-new.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" 185.214.97.252 - - [25/Feb/2025:16:42:33 +0000] "POST /wp-json/wp/v2/tags?_locale=user HTTP/2.0" 400 190 "https://www.noudiari.es/wp-admin/post-new.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" "-" 185.214.97.252 - - [25/Feb/2025:16:42:24 +0000] "POST /wp-json/wp/v2/tags?_locale=user HTTP/2.0" 400 190 "https://www.noudiari.es/wp-admin/post-new.php" rt="0.232" "Mozilla/5.0 (Windows N ... show less	Web Spam Web App Attack
LRob.fr	2025-02-25 00:09:57 (3 weeks ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
LRob.fr	2025-02-24 00:04:50 (3 weeks ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
rsiddall	2025-02-22 08:58:15 (1 month ago)	185.214.97.252 - - [22/Feb/2025:03:58:13 -0500] "POST /xmlrpc.php HTTP/1.1" 301 242 "-" "Mozilla/5.0 ... show more185.214.97.252 - - [22/Feb/2025:03:58:13 -0500] "POST /xmlrpc.php HTTP/1.1" 301 242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 185.214.97.252 - - [22/Feb/2025:03:58:14 -0500] "POST /xmlrpc.php HTTP/1.1" 301 242 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Brute-Force
mnsf	2025-02-22 02:05:22 (1 month ago)	Xmlrpc Caught (7)	Brute-Force Web App Attack
LRob.fr	2025-02-22 00:33:28 (1 month ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
Anonymous	2025-02-21 08:40:53 (1 month ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
cmbplf	2025-02-21 03:20:33 (1 month ago)	1.549 requests to */xmlrpc.php	Brute-Force Bad Web Bot
TPI-Abuse	2025-02-20 16:01:13 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 185.214.97.252 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 185.214.97.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 20 11:01:08.429842 2025] [security2:error] [pid 30114:tid 30128] [client 185.214.97.252:44032] [client 185.214.97.252] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tomithai.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tomithai.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z7dRxPVwdSgBoJts6OQxMQAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-20 07:14:04 (1 month ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
pusathosting.com	2025-02-19 17:40:04 (1 month ago)	2ds22 bruteforce	Brute-Force Web App Attack
TPI-Abuse	2025-02-19 15:17:20 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 185.214.97.252 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 185.214.97.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 19 10:17:13.536461 2025] [security2:error] [pid 2724641:tid 2724641] [client 185.214.97.252:46294] [client 185.214.97.252] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||insidepublications.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "insidepublications.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z7X1-XZQ8PWtkFlrkiN00QAAABs"] show less	Brute-Force Bad Web Bot Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩