AbuseIPDB » 212.18.113.209
212.18.113.209
This IP was reported 10 times. Confidence of
Abuse
is 25% : ?
ISP
FINE GROUP SERVERS SOLUTIONS LLC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS59651
Domain Name
finegroupservers.com
Country
๐ธ๐ช
Sweden
City
Marsta, Stockholm
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 212.18.113.209 :
This IP address has been reported a total of
10
times from
8 distinct
sources.
212.18.113.209 was first reported on
February 11th 2025 , and the most recent report was
1 day ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
TPI-Abuse
2026-06-03 07:47:34
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 212.18.113.209 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 212.18.113.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 03:47:28.037611 2026] [security2:error] [pid 32180:tid 32180] [client 212.18.113.209:22493] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vitalitywebb.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Danbury II/Stetson Coffee/Thumbs.db"] [unique_id "ah_cEN_beegbWAUrCMjC6wAAAAA"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Danbury%20II/Stetson%20Coffee/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Oakley
2026-05-27 09:08:56
(1 week ago)
(mod_security) mod_security (id:900177) triggered by 212.18.113.209 (US/United States/-): 5 in the l ...
show more
(mod_security) mod_security (id:900177) triggered by 212.18.113.209 (US/United States/-): 5 in the last 900 secs
show less
Web App Attack
Hacking
๐จ๐ญ
backslash
2026-05-18 01:57:00
(2 weeks ago)
block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8
Bad Web Bot
๐ฉ๐ช
Oakley
2026-05-15 10:03:46
(2 weeks ago)
(mod_security) mod_security (id:900178) triggered by 212.18.113.209 (US/United States/-): 5 in the l ...
show more
(mod_security) mod_security (id:900178) triggered by 212.18.113.209 (US/United States/-): 5 in the last 900 secs
show less
Web App Attack
Hacking
2026-05-13 11:39:07
(3 weeks ago)
Forum/form spam
Web Spam
๐จ๐ญ
backslash
2026-04-16 15:12:00
(1 month ago)
block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8
Bad Web Bot
๐ฌ๐ง
Bytemark
2026-02-03 13:00:57
(4 months ago)
212.18.113.209 - - [03/Feb/2026:13:00:57 +0000] "POST /xmlrpc.php HTTP/1.1" 500 5764 "-" "Wget/1.21. ...
show more
212.18.113.209 - - [03/Feb/2026:13:00:57 +0000] "POST /xmlrpc.php HTTP/1.1" 500 5764 "-" "Wget/1.21.4"
show less
Brute-Force
Web App Attack
๐ฎ๐ฉ
BPS-StatisticsIndonesia
2026-01-31 10:05:32
(4 months ago)
WP Login Scan Activities
Web App Attack
๐จ๐ฆ
polycoda
2026-01-25 12:44:18
(4 months ago)
๐ Probes for wp-login.php and other inexistent URLs
Hacking
Web App Attack
๐ธ๐ช
OnTheEdge
2025-02-11 06:11:51
(1 year ago)
Password spraying. Multiple unauthorized login attempts
Hacking
Web App Attack
Showing 1 to
10
of 10 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: