JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.18.113.42

212.18.113.42 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.18.113.42

Whois 212.18.113.42

IP Abuse Reports for 212.18.113.42:

This IP address has been reported a total of 7 times from 3 distinct sources. 212.18.113.42 was first reported on May 28th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇿 lp	2025-05-27 16:49:55 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 212.18.113.42 2025-05-27T17:36:08+02: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 212.18.113.42 2025-05-27T17:36:08+02:00 vpn Access-Reject 'acquisition' station: 212.18.113.42 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-05-18 19:49:34 (1 year ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 212.18.113.42 2025-05-18T20:24:53+02: ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 212.18.113.42 2025-05-18T20:24:53+02:00 vpn Access-Reject 'zaffirs' station: 212.18.113.42 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-05-18T20:28:07+02:00 vpn Access-Reject 'achromous' station: 212.18.113.42 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-03-10 19:11:17 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 212.18.113.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.18.113.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 10 15:11:11.677715 2025] [security2:error] [pid 4414:tid 4414] [client 212.18.113.42:51197] [client 212.18.113.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "markaandrews.com"] [uri "/.env"] [unique_id "Z885T58DErOt2Aki-YiRYQAAAB8"], referer: https://tasamm.com/about/mmm139.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-09 22:16:14 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 212.18.113.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.18.113.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 09 18:16:06.914963 2025] [security2:error] [pid 26031:tid 26031] [client 212.18.113.42:43295] [client 212.18.113.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "merrickarts.azbrooks.com"] [uri "/.env"] [unique_id "Z84TJoXNVZ6pBfvCtuRZBgAAABE"], referer: https://tasamm.com/about/mmm162.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-07 03:18:13 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 212.18.113.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 212.18.113.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 06 22:18:06.035901 2025] [security2:error] [pid 18967:tid 18967] [client 212.18.113.42:10205] [client 212.18.113.42] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jiramp.com"] [uri "/.env"] [unique_id "Z8plbsoMZLD0h3hAB3djXAAAAAs"], referer: https://tasamm.com/about/ggg194.html show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 NxtGenIT	2024-05-31 00:10:52 (2 years ago)	212.18.113.42 has been observed attacking Port 1812. Observed Threat: RADIUS Login Brute Force Attem ... show more 212.18.113.42 has been observed attacking Port 1812. Observed Threat: RADIUS Login Brute Force Attempt show less	Brute-Force
🇺🇸 TPI-Abuse	2024-05-28 06:26:04 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 212.18.113.42 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 212.18.113.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 28 02:25:56.394779 2024] [security2:error] [pid 27679:tid 47960082028288] [client 212.18.113.42:18377] [client 212.18.113.42] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|linga.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "linga.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZlV49HQB9ZRw0KIuMUza6AAAAZY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 152.32.214.226

🇺🇸 2600:1f18:3120:f504:3da:5e8b:eb3c:acf0

🇮🇷 178.131.186.115

🇰🇷 118.37.214.187

🇨🇳 117.79.226.9

🇬🇧 87.106.35.227

🇨🇳 60.166.83.78

🇮🇪 54.73.235.2

🇺🇸 137.131.9.65

🇭🇰 118.26.36.248

🇺🇸 107.152.44.215

🇨🇳 101.89.134.2

🇷🇺 85.174.65.34

🇮🇪 54.194.4.253

🇧🇷 205.210.31.228

🇺🇸 162.216.149.180

🇭🇰 150.109.155.54

🇭🇰 114.111.52.109

🇺🇸 100.26.112.67

🇳🇱 91.92.40.7