JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 31.40.195.116

31.40.195.116 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 7%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 31.40.195.116

Whois 31.40.195.116

IP Abuse Reports for 31.40.195.116:

This IP address has been reported a total of 13 times from 11 distinct sources. 31.40.195.116 was first reported on October 30th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-15 21:36:24 (1 month ago)	(mod_security) mod_security (id:211030) triggered by 31.40.195.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211030) triggered by 31.40.195.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 17:36:20.853799 2026] [security2:error] [pid 9849:tid 9849] [client 31.40.195.116:22379] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at ARGS. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "17"] [id "211030"] [rev "3"] [msg "COMODO WAF: LDAP Injection Attack\|\|www.genesis-castle.com\|F\|2"] [data "Matched Data: (%'%~%'%\|%\|%( found within ARGS: 0"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.genesis-castle.com"] [uri "/gallery/index.php"] [unique_id "ageR1DFl7b9N3Aqo44ZU1AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-05-02 01:36:50 (1 month ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 31.40.195.116 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 31.40.195.116 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
🇨🇭 backslash	2026-02-10 03:30:06 (4 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇫🇷 tilellit.pro	2026-02-06 16:17:31 (4 months ago)	Fail2Ban banned 31.40.195.116 for security violations in jail wp-armour. Log: 2026/02/06 16:17:31 [e ... show more Fail2Ban banned 31.40.195.116 for security violations in jail wp-armour. Log: 2026/02/06 16:17:31 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 31.40.195.116 \| Target: wplogin" , client: 31.40.195.116, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
Anonymous	2026-02-03 06:34:35 (4 months ago)	"GET /wp-login.php HTTP/1.1"	Hacking Web App Attack
🇧🇪 voormedia	2026-02-03 04:02:52 (4 months ago)	Accessed trap at '/wp-login.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-01-31 04:38:05 (4 months ago)	(mod_security) mod_security (id:210350) triggered by 31.40.195.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 31.40.195.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 23:37:59.976059 2026] [security2:error] [pid 801235:tid 801264] [client 31.40.195.116:20379] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|certifiedebusinessconsultant.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "certifiedebusinessconsultant.com"] [uri "/"] [unique_id "aX2HJzNLnTHmSvpq3FIqkQAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 polycoda	2026-01-25 23:54:54 (4 months ago)	📄 Probes for wp-login.php and other inexistent URLs	Hacking Web App Attack
Anonymous	2026-01-25 20:03:53 (4 months ago)	wordpress-trap	Web App Attack
🇩🇪 HandyTreff.de	2026-01-12 16:52:02 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.825 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -33.825 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.3529.1 show less	Bad Web Bot Web App Attack
🇨🇭 backslash	2025-11-19 19:00:31 (7 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 island-freaks.com	2025-10-09 03:29:02 (8 months ago)	Attack Type: WordPress Exploit Bot attempt on /xmlrpc.php \| DNS 31.40.195.116 \| Agent: Mozilla/5.0 ( ... show more Attack Type: WordPress Exploit Bot attempt on /xmlrpc.php \| DNS 31.40.195.116 \| Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/532.35 (KHTML, like Gecko111) Chrome/96.9 Safari/539.55 show less	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack
🇺🇸 vestibtech	2024-10-30 06:51:16 (1 year ago)	Oct 30 00:51:16 Host-KLAX-C amavis[2478464]: (2478464-01) Blocked SPAM {RejectedInternal}, AM.PDP-SO ... show more Oct 30 00:51:16 Host-KLAX-C amavis[2478464]: (2478464-01) Blocked SPAM {RejectedInternal}, AM.PDP-SOCK LOCAL [217.169.118.20] [31.40.195.116] <[email protected]> -> <[email protected]>, Queue-ID: 60F8F1C2A81, Message-ID: <[email protected]>, mail_id: F7FWMY4QaSjJ, Hits: 6.971, size: 9312, 642 ms ... show less	Email Spam

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.249.120.176

🇺🇸 162.216.150.45

🇮🇳 143.110.251.21

🇷🇴 89.40.222.242

🇺🇸 20.51.235.107

🇺🇸 50.116.72.139

🇺🇸 44.25.94.48

🇺🇸 40.78.189.106

🇬🇧 35.203.211.80

🇻🇳 14.224.215.237

🇮🇳 2409:4090:f055:f606:90ae:22cb:d2a:fe97

🇧🇷 205.210.31.238

🇺🇸 188.213.202.97

🇳🇱 185.224.137.37

🇸🇬 172.188.218.162

🇮🇳 157.49.19.230

🇺🇸 147.185.132.95

🇨🇳 117.69.255.239

🇻🇳 113.187.226.167

🇺🇸 98.82.72.140