JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.108.115.112

212.108.115.112 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 3%: ?

ISP	TELECOME SY
Usage Type	Fixed Line ISP
ASN	Unknown
Domain Name	highspeed-sy.com
Country	🇸🇾 Syrian Arab Republic
City	Aleppo, Aleppo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.108.115.112

Whois 212.108.115.112

IP Abuse Reports for 212.108.115.112:

This IP address has been reported a total of 12 times from 10 distinct sources. 212.108.115.112 was first reported on January 7th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 polycoda	2026-06-10 10:53:41 (5 days ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
🇱🇻 garmtech.com	2026-04-04 02:56:46 (2 months ago)	IM360 WAF: SQL Injection Attack: Common DB Names Detected	SQL Injection
🇩🇪 FeG Deutschland	2026-04-04 00:34:50 (2 months ago)	Mail: - login with unknown user - bruteforce	Brute-Force
🇺🇸 octageeks.com	2026-03-16 04:08:35 (2 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇦🇺 MAGIC	2026-03-13 03:10:44 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 gui-ying233	2026-03-13 00:07:11 (3 months ago)	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Sa ... show more Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 show less	Bad Web Bot
🇨🇦 polycoda	2026-03-11 14:25:00 (3 months ago)	📄 Probes for tons of inexistent files and PHP scripts	Hacking Web App Attack
🇮🇳 liveaspankaj	2026-02-15 12:22:14 (4 months ago)	DDoS attack: 286 requests in 5m (GET / or repair.php).	DDoS Attack
🇦🇺 MAGIC	2026-01-30 01:32:07 (4 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-01-10 09:51:58 (5 months ago)	scanning http requests from known botnet	Web App Attack
🇺🇸 TPI-Abuse	2026-01-08 02:35:43 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 212.108.115.112 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 212.108.115.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 21:35:38.793347 2026] [security2:error] [pid 24158:tid 24158] [client 212.108.115.112:33382] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.grupoporvenir.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.grupoporvenir.com"] [uri "/plazacristal.com"] [unique_id "aV8X-rmwy9BdBWEHsWLl9QAAAA4"], referer: https://www.grupoporvenir.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-01-07 17:25:14 (5 months ago)	block ruleset 6B63410D189E6343B910F7440B8499558BEC52EB	Bad Web Bot

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4002:c00::128

🇨🇳 202.46.62.119

🇩🇪 91.98.176.11

🇸🇬 47.237.184.3

🇺🇸 45.130.83.197

🇨🇳 223.76.158.107

🇨🇳 171.112.185.199

🇳🇱 87.215.92.190

🇪🇸 82.223.15.158

🇱🇹 45.227.254.170

🇬🇧 35.203.210.69

🇬🇧 35.203.210.38

🇳🇱 34.12.44.206

🇳🇱 23.176.184.152

🇪🇹 196.189.126.17

🇨🇳 171.211.194.46

🇮🇳 106.51.92.114

🇮🇳 103.178.253.58

🇧🇬 91.92.199.36

🇧🇾 82.209.246.150