JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.253.160.157

185.253.160.157 was found in our database!

This IP was reported 250 times. Confidence of Abuse is 2%: ?

ISP	M247 LTD Armenia Infrastructure
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	m247.com
Country	🇧🇬 Bulgaria
City	Sofia, Sofia-Capital

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.253.160.157

Whois 185.253.160.157

IP Abuse Reports for 185.253.160.157:

This IP address has been reported a total of 250 times from 88 distinct sources. 185.253.160.157 was first reported on April 11th 2022, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 HandyTreff.de	2026-06-04 01:59:06 (2 weeks ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -58.989 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -58.989 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:109.0) Gecko/20100101 Firefox/122.0 show less	Web App Attack Bad Web Bot
🇮🇳 LogicMaven	2025-11-23 00:34:10 (6 months ago)	Unauthorized connection attempt from IP address 185.253.160.157 on port 465 -@206	Port Scan Brute-Force
Anonymous	2025-11-20 13:35:14 (6 months ago)	Nov 20 08:35:02 localhost kernel: [91991400.695700] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91 ... show more Nov 20 08:35:02 localhost kernel: [91991400.695700] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=185.253.160.157 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=43 ID=0 PROTO=TCP SPT=8839 DPT=5601 SEQ=3607217879 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 Nov 20 08:35:02 localhost kernel: [91991400.732043] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=185.253.160.157 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=41 ID=0 PROTO=TCP SPT=16077 DPT=2380 SEQ=1635886454 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 Nov 20 08:35:03 localhost kernel: [91991400.997835] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=185.253.160.157 DST=[mungedIP2] LEN=40 TOS=0x08 PREC=0x20 TTL=43 ID=0 PROTO=TCP SPT=10959 DPT=20026 SEQ=663976491 ACK=0 WINDOW=65535 RES=0x00 SYN URGP=0 show less	Port Scan
🇳🇱 Study Bitcoin 🤗	2025-11-20 12:47:48 (6 months ago)	9 port probes: tcp/20093, tcp/7199, tcp/20481, tcp/3030 (arepa cas), tcp/49400 (compaq insight manag ... show more 9 port probes: tcp/20093, tcp/7199, tcp/20481, tcp/3030 (arepa cas), tcp/49400 (compaq insight manager), tcp/2045 (cdfunc), tcp/5001 (filmaker.com), tcp/9200 (wap connectionless session service), tcp/20248 [ros] show less	Port Scan
🇫🇷 vincent_EUDIER	2025-11-18 02:20:05 (7 months ago)	ET SCAN Suspicious inbound to Oracle SQL port 1521	Port Scan
🇩🇪 iNetWorker	2025-11-18 01:26:04 (7 months ago)	trying to access non-authorized port	Port Scan
🇺🇸 OceanTreasure	2025-11-18 00:20:28 (7 months ago)	tcp/5901; Multiple SYN connections to closed port (≥10 in 10 min) (R18) @ 2025-11-18T00:11:06Z	Brute-Force
🇺🇸 etu brutus	2025-10-29 01:49:01 (7 months ago)	Credential Stuffing BotNet ...	Hacking Brute-Force
🇨🇳 ThreatBook.io	2025-09-24 00:17:01 (8 months ago)	ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/185.253.160.157 2 ... show more ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/185.253.160.157 2025-09-23 12:27:07 / show less	Web App Attack
Anonymous	2025-08-15 12:02:27 (10 months ago)	Web attack	Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2025-07-20 04:11:25 (10 months ago)	trying to access non-authorized port	Port Scan
🇩🇪 ps-center	2025-07-20 04:04:19 (10 months ago)	SS1-W: TCP-Scanner. Port: 22	Port Scan
🇯🇵 mkaraki	2025-07-19 10:36:08 (10 months ago)	1752921364 # Service_probe # SIGNATURE_SEND # source_ip:185.253.160.157 # dst_port:8009 ...	Port Scan
🇦🇺 MAGIC	2025-06-02 18:01:21 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-04-23 20:11:19 (1 year ago)	Wed Apr 23 23:11:10 2025 [pid 851123] [admin] FAIL LOGIN: Client "185.253.160.157" Wed Apr 23 23:11: ... show more Wed Apr 23 23:11:10 2025 [pid 851123] [admin] FAIL LOGIN: Client "185.253.160.157" Wed Apr 23 23:11:14 2025 [pid 851141] [admin] FAIL LOGIN: Client "185.253.160.157" Wed Apr 23 23:11:18 2025 [pid 851163] [admin] FAIL LOGIN: Client "185.253.160.157" ... show less	FTP Brute-Force

Showing 1 to 15 of 250 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 209.97.182.179

🇪🇹 196.190.41.137

🇿🇦 196.26.120.202

🇽🇰 185.190.132.16

🇺🇸 162.216.150.38

🇱🇹 91.224.92.147

🇺🇸 66.132.172.215

🇨🇾 62.228.126.113

🇭🇰 45.142.154.10

🇯🇵 43.165.170.19

🇺🇦 23.27.138.185

🇧🇷 187.9.247.58

🇺🇸 154.6.127.2

🇮🇳 122.160.80.105

🇮🇳 103.123.227.10

🇮🇹 94.177.49.160

🇫🇷 88.186.162.225

🇨🇦 72.251.13.228

🇧🇷 45.165.14.197

🇺🇸 45.56.103.133