JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.94.35.116

185.94.35.116 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 10%: ?

10%

ISP	Fast Servers (Pty) Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	traffictransitsolution.us
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.94.35.116

Whois 185.94.35.116

IP Abuse Reports for 185.94.35.116:

This IP address has been reported a total of 22 times from 10 distinct sources. 185.94.35.116 was first reported on May 2nd 2024, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-22 01:13:58 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.94.35.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 185.94.35.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 21:13:53.528246 2026] [security2:error] [pid 31438:tid 31438] [client 185.94.35.116:53589] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fusteriafontane.com"] [uri "/wp-config.php.save"] [unique_id "ag-t0QjKs21-mrCMVt9-pgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 15:34:51 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.94.35.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 185.94.35.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 11:34:46.152548 2026] [security2:error] [pid 24623:tid 24623] [client 185.94.35.116:15753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "site.ablogisticsgroup.com"] [uri "/wp-config.php.dist"] [unique_id "ag3UltkohghRuSfvaGtGNgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 15:14:28 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.94.35.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 185.94.35.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 11:14:24.872242 2026] [security2:error] [pid 5215:tid 5242] [client 185.94.35.116:65065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.strengthsmatter.teritemme.com"] [uri "/wp-config.bak"] [unique_id "ag3P0JFCf_iRIFpi0ORu-wAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 DumaNet	2026-05-18 19:51:00 (3 weeks ago)	WordPress plugin attack attempts. Date: 2026 May 18. 03:57:15 Source IP: 185.94.35.116 Portion ... show more WordPress plugin attack attempts. Date: 2026 May 18. 03:57:15 Source IP: 185.94.35.116 Portion of the log(s): 185.94.35.116 - [18/May/2026:03:57:14 +0200] "HEAD /wp-content/plugins/give/readme.txt HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Edg/130.0.0.0" 185.94.35.116 - [18/May/2026:03:57:14 +0200] "HEAD /wp-content/plugins/learnpress/readme.txt HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Edg/130.0.0.0" 185.94.35.116 - [18/May/2026:03:57:14 +0200] "HEAD /wp-content/plugins/gravityforms/readme.txt HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Edg/130.0.0.0" 185.94.35.116 - [18/May/2026:03:57:14 +0200] "HEAD /wp-content/plugins/notificationx/readme.txt HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHT show less	Web App Attack Hacking
🇩🇪 hbrks	2025-08-17 02:10:30 (9 months ago)	nginx_block: service:unknow *** GET / HTTP/1.1	Web Spam Hacking Bad Web Bot
🇲🇽 licjperezl	2025-06-10 19:09:41 (1 year ago)	Ataque de diccionario o DDoS en nuestros servicios en linea	Brute-Force
🇮🇳 wizard1411	2025-05-30 22:03:13 (1 year ago)	DDoS and brute force activity detected	Brute-Force SSH
🇨🇦 wil.com	2025-05-30 19:47:01 (1 year ago)	GlobalProtect login attempts with user jwebb.	VPN IP Brute-Force
Anonymous	2025-01-27 14:15:00 (1 year ago)	Used in a distributed login attack	Brute-Force
Anonymous	2025-01-26 10:55:56 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack
Anonymous	2025-01-24 23:00:14 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack
Anonymous	2025-01-16 05:55:08 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack
Anonymous	2025-01-14 09:20:12 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack
Anonymous	2025-01-13 00:55:09 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack
Anonymous	2024-12-29 06:05:16 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2620:171:8b::106

🇹🇭 203.154.158.195

🇷🇴 193.46.255.86

🇫🇷 143.244.57.121

🇳🇱 108.61.165.145

🇮🇷 94.184.177.71

🇸🇪 78.67.161.64

🇳🇱 45.148.10.121

🇬🇧 35.203.210.105

🇳🇱 34.90.7.92

🇺🇸 2001:470:1:c84::163

🇺🇸 216.218.206.86

🇰🇷 203.142.160.143

🇬🇧 194.50.235.139

🇸🇪 185.246.130.20

🇨🇳 171.217.92.33

🇺🇸 165.22.180.136

🇺🇸 162.216.149.77

🇨🇳 81.70.158.241

🇺🇸 74.48.105.66