JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.203.15.213

85.203.15.213 was found in our database!

This IP was reported 228 times. Confidence of Abuse is 51%: ?

51%

ISP	Falco Networks B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	falco-networks.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.203.15.213

Whois 85.203.15.213

IP Abuse Reports for 85.203.15.213:

This IP address has been reported a total of 228 times from 82 distinct sources. 85.203.15.213 was first reported on September 23rd 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-05 13:12:53 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇪🇸 masterguru	2026-06-05 03:39:22 (2 days ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122) show less	Bad Web Bot
Anonymous	2026-05-17 17:03:17 (2 weeks ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DE, Attack patterns: Mali ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DE, Attack patterns: Malicious User-Agent show less	Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-05-16 16:50:23 (3 weeks ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-16 16:04:15 (3 weeks ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DE, Attack patterns: Mali ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: DE, Attack patterns: Malicious User-Agent show less	Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-05-15 00:50:29 (3 weeks ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 AetherFox	2026-05-14 21:39:08 (3 weeks ago)	AetherFox VoidGuard detected: [Thu May 14 21:39:06.166653 2026] [authz_core:error] [pid 3974553:tid ... show more AetherFox VoidGuard detected: [Thu May 14 21:39:06.166653 2026] [authz_core:error] [pid 3974553:tid 3974581] [client 85.203.15.213:43547] AH01630: client denied by server configuration: proxy:https://[MASKED]/modules/modules_function.php, referer: http://dranet.de//modules/modules_function.php [Thu May 14 21:39:06.629803 2026] [authz_core:error] [pid 3974553:tid 3974604] [client 85.203.15.213:43547] AH01630: client denied by server configuration: proxy:https://[MASKED]/themes/kidshop/templates/layouts/hehe403.php, referer: http://dranet.de//themes/kidshop/templates/layouts/hehe403.php [Thu May 14 21:39:06.983619 2026] [authz_core:error] [pid 3974553:tid 3974600] [client 85.203.15.213:43547] AH01630: client denied by server configuration: proxy:https://[MASKED]/themes/thecosmetic/tmp.php, referer: http://dranet.de//themes/thecosmetic/tmp.php [Thu May 14 21:39:07.321812 2026] [authz_core:error] [pid 3974553:tid 3974570] [client 85.203.15.213:43547] AH01630: c ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-09 11:13:17 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 85.203.15.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.203.15.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 07:13:13.311601 2026] [security2:error] [pid 29099:tid 29099] [client 85.203.15.213:46247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deannlottmusic.com"] [uri "/wp-content/wp-config.php"] [unique_id "af8WyZxDo28Y8c8bhLN5bQAAADQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-08 01:12:13 (4 weeks ago)	BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ... show more BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-193) show less	Bad Web Bot
Anonymous	2026-05-07 18:21:53 (4 weeks ago)	Multiple, malicious web requests detected	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-05-07 11:26:09 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 85.203.15.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.203.15.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 07:26:01.905143 2026] [security2:error] [pid 11759:tid 11759] [client 85.203.15.213:21889] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darnorb.com"] [uri "/wp-content/wp-config.php"] [unique_id "afx2yTpzUVCWk0AwqG_DZwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-07 09:57:52 (1 month ago)	85.203.15.213 - - [07/May/2026:11:57:50 +0200] "GET /wp-includes/certificates/ HTTP/1.1" 404 124 "-" ... show more 85.203.15.213 - - [07/May/2026:11:57:50 +0200] "GET /wp-includes/certificates/ HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 85.203.15.213 - - [07/May/2026:11:57:50 +0200] "GET /wp-content/themes/about.php HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 85.203.15.213 - - [07/May/2026:11:57:50 +0200] "GET /wp-includes/panel.php HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 85.203.15.213 - - [07/May/2026:11:57:51 +0200] "GET /wp-includes/Text/Diff/ HTTP/1.1" 404 124 "-" "Go-http-client/1.1" 85.203.15.213 - - [07/May/2026:11:57:51 +0200] "GET /wp-includes/js/dist/development/ HTTP/1.1" 404 124 "-" "Go-http-client/1.1" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-06 23:39:39 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 85.203.15.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 85.203.15.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 19:39:35.145526 2026] [security2:error] [pid 1059:tid 1059] [client 85.203.15.213:47939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "darkalleyproductions.com"] [uri "/wp-content/wp-config.php"] [unique_id "afvRNyiZy7cx0lFEwDiYewAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-05 20:46:38 (1 month ago)	Failed Wordpress Logins	Web App Attack
🇫🇷 Octopuce	2026-05-02 19:30:32 (1 month ago)	Aggressive web search of vulnerable pages: /style2.php /about.php /xleet.php /user.php /menu.php /do ... show more Aggressive web search of vulnerable pages: /style2.php /about.php /xleet.php /user.php /menu.php /doc.php /tiny.php /user.php /menu.php /alfa.p ... show less	Web App Attack

Showing 1 to 15 of 228 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 14.103.112.106

🇳🇬 197.210.54.164

🇬🇹 190.14.143.12

🇺🇸 143.110.226.56

🇧🇷 131.221.57.46

🇨🇳 106.13.107.35

🇺🇸 104.237.156.209

🇰🇪 102.214.157.33

🇵🇹 94.61.159.91

🇫🇮 89.167.120.76

🇹🇷 85.96.75.241

🇺🇸 74.125.224.42

🇨🇳 61.184.10.103

🇺🇸 54.156.55.147

🇺🇸 35.190.148.120

🇺🇸 34.29.104.32

🇺🇸 172.203.134.70

🇮🇳 152.32.158.219

🇫🇷 92.103.134.183

🇹🇷 84.44.35.67