JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 155.212.109.148

155.212.109.148 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 30%: ?

30%

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS43444
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 155.212.109.148

Whois 155.212.109.148

IP Abuse Reports for 155.212.109.148:

This IP address has been reported a total of 10 times from 7 distinct sources. 155.212.109.148 was first reported on March 2nd 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 huginet	2026-06-15 07:26:25 (6 days ago)	155.212.109.148 - - [15/Jun/2026:09:26:23 +0200] "GET /wp-login.php HTTP/1.1" 301 240 "-" "Mozilla/5 ... show more 155.212.109.148 - - [15/Jun/2026:09:26:23 +0200] "GET /wp-login.php HTTP/1.1" 301 240 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 155.212.109.148 - - [15/Jun/2026:09:26:25 +0200] "GET /wp-login.php HTTP/1.1" 200 10815 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" ... show less	Web Spam Blog Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 02:03:00 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 155.212.109.148 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 155.212.109.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 22:02:54.419328 2026] [security2:error] [pid 18075:tid 18075] [client 155.212.109.148:43751] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|asduk.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "asduk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aitozkdTWl1s3LP61jjJzQAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-11 17:39:26 (1 week ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-06-10 00:39:11 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 155.212.109.148 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 155.212.109.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 20:39:04.342240 2026] [security2:error] [pid 2772:tid 2772] [client 155.212.109.148:33451] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|michaelhick.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "michaelhick.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiiyKP8icbIfRbk785BhNQAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 03:21:45 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 155.212.109.148 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 155.212.109.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 23:21:41.306630 2026] [security2:error] [pid 27093:tid 27093] [client 155.212.109.148:48849] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|step1nutrition.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "step1nutrition.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiOSRSUwBEbZ3oapHOypiAAAACU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 10:45:03 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 155.212.109.148 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 155.212.109.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 06:44:57.289002 2026] [security2:error] [pid 12609:tid 12609] [client 155.212.109.148:63815] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thebumans.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thebumans.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahgcqYta8NT7y1fDqhPLRAAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-05-19 14:50:09 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ambor	2026-05-18 21:08:09 (1 month ago)	Honeypot triggered on tcpdata.com - Attempted to access /wp-login.php (wordpress_login). User-Agent: ... show more Honeypot triggered on tcpdata.com - Attempted to access /wp-login.php (wordpress_login). User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 show less	Web App Attack
🇫🇷 dynamix	2026-05-07 20:55:35 (1 month ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-03-02 17:00:06 (3 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-00.155.212.109.148.web-spam ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-00.155.212.109.148.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.189

🇬🇹 190.151.130.5

🇧🇷 189.113.8.254

🇳🇱 185.223.235.8

🇸🇪 159.26.108.58

🇷🇺 2a09:bac1:61c0:3380::57:24b

🇬🇧 195.140.214.20

🇵🇱 194.180.49.216

🇳🇱 185.226.197.7

🇬🇧 165.227.229.197

🇰🇷 119.197.2.134

🇮🇳 106.214.9.189

🇺🇸 91.230.168.87

🇳🇱 45.148.10.151

🇫🇮 147.185.133.53

🇺🇸 143.198.127.40

🇩🇪 104.248.141.67

🇱🇹 81.30.98.44

🇰🇷 59.6.72.106

🇸🇬 47.84.133.68