JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 199.21.149.32

199.21.149.32 was found in our database!

This IP was reported 120 times. Confidence of Abuse is 0%: ?

ISP	Netminders Server Hosting
Usage Type	Data Center/Web Hosting/Transit
ASN	AS7040
Domain Name	net-minders.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 199.21.149.32

Whois 199.21.149.32

IP Abuse Reports for 199.21.149.32:

This IP address has been reported a total of 120 times from 34 distinct sources. 199.21.149.32 was first reported on August 5th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-03-25 05:05:13 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 25 01:05:07.318472 2025] [security2:error] [pid 1783292:tid 1783292] [client 199.21.149.32:49172] [client 199.21.149.32] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.nathanburd.com\|F\|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nathanburd.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Z-I5g4qlcqTG2t_Zi770YwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dwmp	2025-03-25 04:51:15 (1 year ago)	Url probing: /Telerik.Web.UI.DialogHandler.aspx	Web App Attack
🇵🇱 strefapi_com	2025-03-25 03:20:50 (1 year ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
🇺🇸 charmicat	2025-03-19 13:39:43 (1 year ago)	AUTOMATED REPORT - suspicious request from 199.21.149.32: [Wed, 19 Mar 2025 13:39:43 +0000] GET /Tel ... show more AUTOMATED REPORT - suspicious request from 199.21.149.32: [Wed, 19 Mar 2025 13:39:43 +0000] GET /Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36 Edg/121.0.0.0 Herring/95.1.1930.31 show less	Web App Attack
🇺🇸 TPI-Abuse	2025-03-19 12:46:25 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 19 08:46:18.515110 2025] [security2:error] [pid 1388208:tid 1388208] [client 199.21.149.32:55692] [client 199.21.149.32] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.pamelaweisberg.com\|F\|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pamelaweisberg.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Z9q8mnmzUyTcQqu4eQ8ppAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 PaulSep	2025-03-19 12:27:12 (1 year ago)	199.21.149.32 - - [19/Mar/2025:13:27:11 +0100] "GET /Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1 ... show more 199.21.149.32 - - [19/Mar/2025:13:27:11 +0100] "GET /Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36 Config/92.2.2788.20" "-" show less	Hacking
🇩🇪 Ba-Yu	2025-03-19 12:07:32 (1 year ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2025-03-19 12:05:32 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 19 08:05:28.060850 2025] [security2:error] [pid 1559195:tid 1559195] [client 199.21.149.32:55648] [client 199.21.149.32] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.saudigreenrecycling.com\|F\|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.saudigreenrecycling.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Z9qzCG9OauiswQqnGO7lywAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-19 11:20:07 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 19 07:20:03.138890 2025] [security2:error] [pid 11588:tid 11588] [client 199.21.149.32:56055] [client 199.21.149.32] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.magnawebinc.com\|F\|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.magnawebinc.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Z9qoY6NgTua2vBpE8ZGfngAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-18 06:30:03 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 18 02:29:56.590820 2025] [security2:error] [pid 134575:tid 134575] [client 199.21.149.32:55829] [client 199.21.149.32] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.homebuilt.org\|F\|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.homebuilt.org"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Z9kS5MkzdrQB3WJAyhu7xgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-18 05:52:38 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 18 01:52:32.383113 2025] [security2:error] [pid 16641:tid 16650] [client 199.21.149.32:60773] [client 199.21.149.32] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.rwabutaza.com\|F\|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.rwabutaza.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Z9kKIGY4cVjO51xTGbqTuAAAAgQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-17 08:33:04 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 199.21.149.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 17 04:33:00.387703 2025] [security2:error] [pid 27385:tid 27385] [client 199.21.149.32:61797] [client 199.21.149.32] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.cpcontacts.kooroshvaziri.com\|F\|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cpcontacts.kooroshvaziri.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Z9fePA9oApgabbmJqasxZAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 polycoda	2025-03-16 18:17:27 (1 year ago)	📄 Probes for tons of inexistent files and/or PHP scripts	Hacking Web App Attack
🇫🇷 IRISIO	2025-03-16 17:28:33 (1 year ago)	scans/SQL injection/spam posts : 22 queries	SQL Injection Web App Attack
🇬🇧 Aetherweb Ark	2025-03-16 16:01:45 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 199.21.149.32 (CA/Canada/-): N in the last X se ... show more (mod_security) mod_security (id:210730) triggered by 199.21.149.32 (CA/Canada/-): N in the last X secs show less	Web App Attack

Showing 1 to 15 of 120 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:80d:1007::30

🇺🇸 107.151.202.115

🇳🇱 91.92.40.10

🇫🇷 85.217.140.46

🇭🇰 199.45.154.180

🇨🇴 152.200.181.42

🇷🇴 80.94.92.165

🇳🇱 77.91.71.12

🇺🇸 75.213.172.2

🇺🇸 44.138.96.203

🇮🇷 31.7.66.163

🇳🇱 5.61.209.43

🇧🇷 4.201.96.144

🇷🇴 2.57.122.177

🇺🇸 141.11.88.7

🇨🇳 47.92.217.103

🇨🇳 47.92.103.100

🇺🇸 34.174.171.35

🇨🇳 220.179.87.204

🇩🇪 167.233.90.74