JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.119.40.121

212.119.40.121 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	New York City, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.119.40.121

Whois 212.119.40.121

IP Abuse Reports for 212.119.40.121:

This IP address has been reported a total of 11 times from 9 distinct sources. 212.119.40.121 was first reported on March 17th 2021, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-05 09:50:51 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 212.119.40.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 212.119.40.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 05 05:50:29.390158 2026] [security2:error] [pid 16647:tid 16647] [client 212.119.40.121:29809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evolute.io"] [uri "/wp-config.php.backup"] [unique_id "afm9ZZflDv00Y8jRK3hQ2wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 17:55:00 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 212.119.40.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 212.119.40.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 12:54:55.684278 2026] [security2:error] [pid 8334:tid 8334] [client 212.119.40.121:36013] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.admin.turedinmobiliaria.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.admin.turedinmobiliaria.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX-Tb1JebbaYmXyh2DX_CwAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-01-16 02:10:55 (5 months ago)	[Fri Jan 16 03:10:54.204175 2026] [proxy_fcgi:error] [pid 2821959:tid 2822751] [remote 212.119.40.12 ... show more [Fri Jan 16 03:10:54.204175 2026] [proxy_fcgi:error] [pid 2821959:tid 2822751] [remote 212.119.40.121:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Fri Jan 16 03:10:54.897113 2026] [proxy_fcgi:error] [pid 2821953:tid 2822436] [remote 212.119.40.121:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
🇨🇭 backslash	2025-11-20 10:40:04 (6 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-09-18 03:24:30 (8 months ago)	(mod_security) mod_security (id:210831) triggered by 212.119.40.121 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 212.119.40.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 17 23:24:22.023420 2025] [security2:error] [pid 2599:tid 2599] [client 212.119.40.121:14895] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|thechoiceint.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "thechoiceint.com"] [uri "/webalizer/usage_202509.html"] [unique_id "aMt7ZkZAElzAp-8RrJxTtQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 hostseries	2025-03-14 01:50:10 (1 year ago)	Brute-force cPanel Services	Brute-Force
Anonymous	2024-12-17 19:00:33 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_MODSEC	Brute-Force SSH
Anonymous	2024-12-16 21:15:04 (1 year ago)	Attempted brute force login to web vpn	Hacking Brute-Force
🇷🇺 sms.ru	2024-09-24 11:25:07 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇺🇸 RLDD	2024-03-11 06:41:52 (2 years ago)	WP probing for vulnerabilities -mob	Web App Attack
🇱🇰 csoc	2021-03-17 05:46:45 (5 years ago)	SQL	SQL Injection Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.63.10.158

🇵🇱 149.50.101.59

🇮🇳 103.111.228.36

🇳🇱 91.92.40.6

🇺🇸 65.49.1.52

🇸🇬 47.79.11.166

🇺🇸 216.26.231.240

🇰🇬 213.109.66.157

🇷🇴 193.46.255.86

🇵🇦 181.197.53.48

🇭🇰 165.154.62.128

🇮🇳 163.61.31.167

🇭🇰 154.211.37.101

🇦🇷 149.107.222.77

🇵🇹 148.63.113.255

🇮🇳 144.24.110.184

🇺🇸 107.174.52.115

🇸🇬 101.47.27.73

🇸🇪 90.230.226.175

🇳🇱 85.11.167.7