AbuseIPDB » 185.220.100.244

185.220.100.244 was found in our database!

This IP was reported 13,481 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	Network for Tor-Exit traffic.
Usage Type	Commercial
ASN	AS205100
Hostname(s)	tor-exit-5.zbau.f3netze.de
Domain Name	f3netze.de
Country	Germany
City	Erlangen, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 185.220.100.244

Whois 185.220.100.244

IP Abuse Reports for 185.220.100.244:

This IP address has been reported a total of 13,481 times from 730 distinct sources. 185.220.100.244 was first reported on November 21st 2020, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
el-brujo	2025-05-28 12:38:06 (2 weeks ago)	Cloudflare WAF: Request Path: /silentsigils/apdos_test_2 Request Query: Host: elhacker.net userAgen ... show moreCloudflare WAF: Request Path: /silentsigils/apdos_test_2 Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2939.45 Safari/537.36 Action: block Source: ratelimit ASN Description: F3NETZE Country: T1 Method: GET Timestamp: 2025-05-28T12:38:06Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
ThreatBook.io	2025-05-27 23:39:18 (2 weeks ago)	ThreatBook Intelligence: tor_proxy,Zombie more details on https://threatbook.io/ip/185.220.100.244<b ... show moreThreatBook Intelligence: tor_proxy,Zombie more details on https://threatbook.io/ip/185.220.100.244 2025-05-27 10:16:59 https://dpc8dvxsgy3qp.cloudfront.net/ 2025-05-27 11:49:01 //dpc8dvxsgy3qp.cloudfront.net:80 show less	Web App Attack
rtbh.com.tr	2025-05-27 20:08:25 (2 weeks ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
paissangroup	2025-05-27 12:14:35 (3 weeks ago)	Multiple WAF Violations	Web App Attack
Pingger Shikkoken	2025-05-27 06:56:56 (3 weeks ago)	2025-05-27T06:56:56+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more2025-05-27T06:56:56+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=185.220.100.244 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=59 ID=11662 DF PROTO=TCP SPT=28147 DPT=8443 WINDOW=42340 RES=0x00 SYN URGP=0 2025-05-27T06:56:57+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=185.220.100.244 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=59 ID=11663 DF PROTO=TCP SPT=28147 DPT=8443 WINDOW=42340 RES=0x00 SYN URGP=0 2025-05-27T06:56:59+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=185.220.100.244 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=59 ID=11664 DF PROTO=TCP SPT=28147 DPT=8443 WINDOW=42340 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot
strefapi_com	2025-05-27 02:58:14 (3 weeks ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
kosada.com	2025-05-26 21:56:55 (3 weeks ago)	Web vulnerability probing	Web App Attack
rtbh.com.tr	2025-05-26 20:08:23 (3 weeks ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2025-05-26 13:43:24 (3 weeks ago)	185.220.100.244 - - [26/May/2025:13:43:24 +0000] "GET /.env.prod HTTP/1.1" 404 2816 "-" "Mozilla/5.0 ... show more185.220.100.244 - - [26/May/2025:13:43:24 +0000] "GET /.env.prod HTTP/1.1" 404 2816 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:115.0) Gecko/20100101 Firefox/115.0" ... show less	Bad Web Bot Web App Attack
masterguru	2025-05-25 15:40:08 (3 weeks ago)	Restricted File Access Attempt. Matched phrase "wp-config.php" at REQUEST_FILENAME. (930130-122)	Hacking Web App Attack
VMHeaven.io	2025-05-25 09:32:14 (3 weeks ago)	Blocked by UFW [21/tcp] Source port: 18387 TTL: 52 Packet length: 60	FTP Brute-Force Port Scan Brute-Force
Aetherweb Ark	2025-05-25 06:32:15 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.220.100.244 (DE/Germany/tor-exit-5.zbau.f3n ... show more(mod_security) mod_security (id:210492) triggered by 185.220.100.244 (DE/Germany/tor-exit-5.zbau.f3netze.de): N in the last X secs show less	Web App Attack
ipblock.com	2025-05-24 20:55:00 (3 weeks ago)	IPBlock protected site ID [4055-d][s=07]. Major crawler impostor. Mozilla/5.0 (compati ... show moreIPBlock protected site ID [4055-d][s=07]. Major crawler impostor. Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) show less	Bad Web Bot
Pingger Shikkoken	2025-05-24 18:53:53 (3 weeks ago)	2025-05-24T18:53:53+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more2025-05-24T18:53:53+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=185.220.100.244 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=59 ID=42256 DF PROTO=TCP SPT=28445 DPT=8443 WINDOW=42340 RES=0x00 SYN URGP=0 2025-05-24T18:53:54+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:58:1a:08:00 SRC=185.220.100.244 DST=10.1.1.11 LEN=60 TOS=0x00 PREC=0x00 TTL=59 ID=42257 DF PROTO=TCP SPT=28445 DPT=8443 WINDOW=42340 RES=0x00 SYN URGP=0 show less	Hacking Bad Web Bot
ipblock.com	2025-05-24 13:33:00 (3 weeks ago)	IPBlock protected site ID [4055-d][s=04]. Major crawler impostor. Mozilla/5.0 (compati ... show moreIPBlock protected site ID [4055-d][s=04]. Major crawler impostor. Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) show less	Bad Web Bot

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩