AbuseIPDB » 212.119.40.149
212.119.40.149
This IP was reported 8 times. Confidence of
Abuse
is 0% : ?
ISP
FINE GROUP SERVERS SOLUTIONS LLC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS35830
Domain Name
finegroupservers.com
Country
πΊπΈ
United States of America
City
New York City, New York
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 212.119.40.149 :
This IP address has been reported a total of
8
times from
8 distinct
sources.
212.119.40.149 was first reported on
June 2nd 2021 , and the most recent report was
1 month ago
Old Reports:
The most recent abuse report for this IP address is from
1 month ago
Reporter
IoA Timestamp (UTC)
Comment
Categories
π§πͺ
voormedia
2026-05-17 02:03:31
(1 month ago)
Accessed trap at '/wp-login.php'
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-31 05:40:08
(5 months ago)
(mod_security) mod_security (id:210350) triggered by 212.119.40.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 212.119.40.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 31 00:40:03.533347 2025] [security2:error] [pid 16401:tid 16401] [client 212.119.40.149:10807] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||sandiegobeachrentals.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "sandiegobeachrentals.com"] [uri "/"] [unique_id "aVS3MwHvO-gy7iziK0o0PAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2025-11-08 13:12:17
(7 months ago)
212.119.40.149 - - [08/Nov/2025:14:12:15 +0100] "GET /pma/ HTTP/1.1" 404 178 "https://gl-amf.org/pma ...
show more
212.119.40.149 - - [08/Nov/2025:14:12:15 +0100] "GET /pma/ HTTP/1.1" 404 178 "https://gl-amf.org/pma/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36"
212.119.40.149 - - [08/Nov/2025:14:12:17 +0100] "GET /phpmyadmin/ HTTP/1.1" 404 178 "https://gl-amf.org/phpmyadmin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36"
...
show less
Web App Attack
2025-09-11 12:02:23
(9 months ago)
Web attack
Bad Web Bot
Web App Attack
π·πΊ
sms.ru
2024-09-21 04:10:07
(1 year ago)
SMS pumping attack from foreign country
DDoS Attack
π¬π§
Swiptly
2024-05-23 11:37:42
(2 years ago)
WordPress xmlrpc spam or enumeration
...
Web Spam
Bad Web Bot
Web App Attack
πΊπΈ
hostseries
2024-01-13 09:47:54
(2 years ago)
Trigger: LF_DISTATTACK
Brute-Force
π―π΅
Nanoniele
2021-06-02 09:43:17
(5 years ago)
Firefox/16.0; .cgi?c=4580%2F%2A%2A%2F%22%29%2F%2A%2A%2FOR%2F%2A%2A%2FJSON_KEYS%28%28SELECT%2F%2A%2A% ...
show more
Firefox/16.0; .cgi?c=4580%2F%2A%2A%2F%22%29%2F%2A%2A%2FOR%2F%2A%2A%2FJSON_KEYS%28%28SELECT%2F%2A%2A%2FCONVERT%28%28SELECT%2F%2A%2A%2FCONCAT%280x7a36756e%2C%28SELECT%2F%2A%2A%2F%28ELT%282836%3D2836%2C1%29%29%29%2C0x304d3038%29%29%2F%2A%2A%2FUSING%2F%2A%2A%2Futf8%29%29%29%2F%2A%2A%2FAND%2F%2A%2A%2F%28%221lgp%22%2F%2A%2A%2FLIKE%2F%2A%2A%2F%221lgp 4580**)**OR**JSON_KEYS((SELECT**CONVERT((SELECT**CONCAT(0x7a36756e,(SELECT**(ELT(2836=2836,1))),0x304d3038))**USING**utf8)))**AND**(1lgp**LIKE**1lgp
show less
SQL Injection
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: