JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.40.74.12

216.40.74.12 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 10%: ?

10%

ISP	PureKernel LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS213954
Domain Name	purekernel.net
Country	🇺🇸 United States of America
City	Louisville, Kentucky

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.40.74.12

Whois 216.40.74.12

IP Abuse Reports for 216.40.74.12:

This IP address has been reported a total of 10 times from 9 distinct sources. 216.40.74.12 was first reported on February 6th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-05-17 05:28:58 (3 weeks ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.40.74.12 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 216.40.74.12 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
🇧🇪 voormedia	2026-05-17 01:14:24 (3 weeks ago)	Accessed trap at '/wp-login.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 20:21:16 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 216.40.74.12 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 216.40.74.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 16:21:12.931548 2026] [security2:error] [pid 3512:tid 3512] [client 216.40.74.12:10271] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 216.40.74.12 (+1 hits since last alert)\|magacine.tv\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "magacine.tv"] [uri "/xmlrpc.php"] [unique_id "acRDuL305j-rQASa3mC68AAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2026-03-25 17:44:06 (2 months ago)	(wplogin) Failed WordPress login from 216.40.74.12 (FI/Finland/-): 5 in the last 3600 secs (0-123)	Hacking
🇩🇪 kjaerulff	2026-03-25 10:04:36 (2 months ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇺🇸 antlac1	2026-03-25 05:12:30 (2 months ago)	crowdsecurity/http-bf-wordpress_bf	Brute-Force Web App Attack
🇩🇪 neverdown.eu	2026-03-24 19:27:07 (2 months ago)	(XMLRPC) WP XMLPRC Attack 216.40.74.12 (FI/Finland/-): 5 in the last 60 secs; Ports: ; Direction: i ... show more (XMLRPC) WP XMLPRC Attack 216.40.74.12 (FI/Finland/-): 5 in the last 60 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 216.40.74.12 - - [24/Mar/2026:21:25:33 +0200] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 216.40.74.12 - - [24/Mar/2026:21:25:34 +0200] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 216.40.74.12 - - [24/Mar/2026:21:25:34 +0200] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 216.40.74.12 - - [24/Mar/2026:21:25:34 +0200] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" 216.40.74.12 - - [24/Mar/2026:21:25:35 +0200] "POST /xmlrpc.php HTTP/1.1" 301 795 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)" show less	Port Scan
🇪🇸 masterguru	2026-03-24 11:10:24 (2 months ago)	(wplogin) Failed WordPress login from 216.40.74.12 (FI/Finland/-): 5 in the last 3600 secs (0-123)	Hacking
🇮🇹 VHosting	2026-03-17 11:15:06 (2 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇫🇷 mrcrassi	2026-02-06 09:05:52 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from FI. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from FI. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Wget/1.21.4 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇲 216.10.217.79

🇧🇪 198.235.24.181

🇹🇼 198.235.24.91

🇬🇧 185.216.145.182

🇳🇱 172.94.9.31

🇬🇧 165.154.252.172

🇺🇸 162.216.149.50

🇺🇸 147.185.132.246

🇨🇳 125.118.73.110

🇨🇳 115.238.36.102

🇨🇳 81.70.231.23

🇬🇧 81.19.219.226

🇸🇬 47.237.217.214

🇺🇸 45.130.83.232

🇫🇷 38.147.140.170

🇬🇧 31.14.254.95

🇬🇧 31.14.254.64

🇺🇸 13.89.125.20

🇷🇴 2.57.121.25

🇭🇰 218.188.194.70