JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.40.72.254

216.40.72.254 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 18%: ?

18%

ISP	PureKernel LLC
Usage Type	Fixed Line ISP
ASN	AS213954
Domain Name	purekernel.net
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.40.72.254

Whois 216.40.72.254

IP Abuse Reports for 216.40.72.254:

This IP address has been reported a total of 9 times from 6 distinct sources. 216.40.72.254 was first reported on January 30th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 ipblock.com	2026-06-04 09:51:00 (3 days ago)	IPBlock protected site ID [3192-af][s=02]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 19:14:43 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 216.40.72.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.40.72.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 15:14:35.263017 2026] [security2:error] [pid 29035:tid 29035] [client 216.40.72.254:64353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iconconstructors.com"] [uri "/.wp-config.php.swp"] [unique_id "ag4IGx1Ki42XHgKNIBbxwQAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 15:44:52 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 216.40.72.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.40.72.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 11:44:47.943087 2026] [security2:error] [pid 16571:tid 16571] [client 216.40.72.254:48553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.escapegeorgesrouquier.williamgilcher.com"] [uri "/wp-config.txt"] [unique_id "ag3W77PDMju89bp2OzDtUwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 12:42:18 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 216.40.72.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 216.40.72.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 08:42:12.984339 2026] [security2:error] [pid 31440:tid 31440] [client 216.40.72.254:40107] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.store.newmooncafe.com"] [uri "/wp-config.php~"] [unique_id "ag2sJA2bDt2Wb6Q-GwX9QgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 ThreatBook.io	2026-04-21 23:57:25 (1 month ago)	2026-04-21 21:30:04 /	Web App Attack
🇺🇸 TPI-Abuse	2026-03-06 20:56:24 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 216.40.72.254 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 216.40.72.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 06 15:56:17.695689 2026] [security2:error] [pid 13474:tid 13474] [client 216.40.72.254:61131] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|zodiacwin.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "zodiacwin.com"] [uri "/"] [unique_id "aas_cfTT4qjiH0lx6nvHNwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-02-03 07:39:54 (4 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 216.40.72.254 (FI/Finland/-): 1 in the last 36 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 216.40.72.254 (FI/Finland/-): 1 in the last 3600 secs (0-193) show less	Hacking
🇩🇪 stinpriza	2026-02-02 09:36:23 (4 months ago)	Web App Attack	Web App Attack
🇺🇸 island-freaks.com	2026-01-30 21:03:29 (4 months ago)	Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 216.40.72.254 \| Agent: Mozi ... show more Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 216.40.72.254 \| Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 show less	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.132

🇨🇳 171.37.46.239

🇺🇸 146.70.172.169

🇨🇱 190.46.77.254

🇩🇪 167.94.146.55

🇺🇸 107.167.34.125

🇮🇩 103.152.242.106

🇮🇩 46.202.138.211

🇬🇧 5.226.140.66

🇪🇸 217.154.106.153

🇺🇸 173.61.94.76

🇮🇳 168.220.237.171

🇺🇸 154.28.193.183

🇨🇳 111.17.199.57

🇬🇧 92.27.101.99

🇳🇱 89.106.86.98

🇵🇱 64.176.65.85

🇬🇧 31.14.254.84

🇮🇩 2a02:4780:6:1253:0:172e:eeb5:1

🇺🇸 205.210.31.37