JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.203.15.132

85.203.15.132 was found in our database!

This IP was reported 209 times. Confidence of Abuse is 43%: ?

43%

ISP	Falco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	falco-networks.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.203.15.132

Whois 85.203.15.132

IP Abuse Reports for 85.203.15.132:

This IP address has been reported a total of 209 times from 83 distinct sources. 85.203.15.132 was first reported on September 21st 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-17 13:46:42 (1 week ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-16 03:28:19 (1 week ago)	SPARSDE WEBEXPLOIT 85.203.15.132 (85.203.15.132)	Web App Attack
🇦🇹 penguin-solutions.at	2026-06-05 12:35:34 (3 weeks ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-05 11:21:35 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇪🇸 masterguru	2026-06-05 03:40:32 (3 weeks ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot
🇧🇾 lns.bz	2026-06-04 22:34:51 (3 weeks ago)	Too many 404 requests [BY]	Web App Attack
🇧🇾 lns.bz	2026-05-16 17:03:44 (1 month ago)	Too many 404 requests [BY]	Web App Attack
🇩🇪 ghostwarriors	2026-05-16 12:20:38 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-05-15 00:50:47 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-15 00:10:37 (1 month ago)	vars[0]=md5&vars[1][]=Hello	Fraud Orders Hacking Brute-Force Web App Attack
🇩🇪 AetherFox	2026-05-14 21:37:55 (1 month ago)	AetherFox VoidGuard detected: [Thu May 14 21:37:53.917909 2026] [authz_core:error] [pid 3974553:tid ... show more AetherFox VoidGuard detected: [Thu May 14 21:37:53.917909 2026] [authz_core:error] [pid 3974553:tid 3974585] [client 85.203.15.132:36865] AH01630: client denied by server configuration: proxy:https://[MASKED]/administrator/components/com_xcloner-backupandrestore/index2.php, referer: http://dranet.de//administrator/components/com_xcloner-backupandrestore/index2.php [Thu May 14 21:37:54.377592 2026] [authz_core:error] [pid 3974553:tid 3974592] [client 85.203.15.132:36865] AH01630: client denied by server configuration: proxy:https://[MASKED]/templates/Eatoreh/error.php, referer: http://dranet.de//templates/Eatoreh/error.php [Thu May 14 21:37:54.728687 2026] [authz_core:error] [pid 3974553:tid 3974591] [client 85.203.15.132:36865] AH01630: client denied by server configuration: proxy:https://[MASKED]/templates/Globy/error.php, referer: http://dranet.de//templates/Globy/error.php [Thu May 14 21:37:55.061445 2026] [authz_core:error] [pid 3974553:tid 3974595] [cl ... show less	Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-05-14 16:38:52 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 13:44:37 (1 month ago)	(mod_security) mod_security (id:240000) triggered by 85.203.15.132 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 85.203.15.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 09:44:34.412138 2026] [security2:error] [pid 30674:tid 30674] [client 85.203.15.132:51103] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|cancersquared.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "cancersquared.com"] [uri "/images/stories/themes.php"] [unique_id "agMuwmprb9ajwoAbJnzyugAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-09 04:51:06 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 85.203.15.132 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.203.15.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 00:50:59.464446 2026] [security2:error] [pid 24230:tid 24230] [client 85.203.15.132:52293] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deathofaspymaster.com"] [uri "/wp-content/wp-config.php"] [unique_id "af69M_BvTFl2xqzwHox6JwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-05-08 16:52:05 (1 month ago)	Excessive multi-domain requests	Brute-Force

Showing 1 to 15 of 209 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 202.141.6.159

🇬🇧 195.96.139.166

🇧🇷 191.44.15.171

🇨🇳 175.170.144.17

🇺🇸 162.216.150.254

🇨🇳 101.69.205.228

🇺🇸 71.6.238.22

🇺🇸 198.98.56.227

🇩🇪 195.145.108.252

🇮🇳 182.19.35.57

🇿🇦 147.136.65.176

🇵🇰 139.135.45.206

🇨🇳 119.6.235.38

🇸🇬 107.150.112.233

🇮🇳 103.97.215.11

🇺🇸 71.6.240.107

🇱🇹 62.60.130.219

🇮🇳 49.207.244.28

🇺🇸 44.210.69.179

🇨🇳 36.136.95.35