JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.120.141.130

172.120.141.130 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

ISP	IWIHOST NET
Usage Type	Data Center/Web Hosting/Transit
ASN	AS44559
Domain Name	iwihost.net
Country	🇬🇷 Greece
City	Thessaloniki, Central Macedonia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.120.141.130

Whois 172.120.141.130

IP Abuse Reports for 172.120.141.130:

This IP address has been reported a total of 6 times from 2 distinct sources. 172.120.141.130 was first reported on February 1st 2026, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-02-06 16:51:53 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 11:51:48.484497 2026] [security2:error] [pid 26932:tid 26932] [client 172.120.141.130:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|eddysgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eddysgroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYYcJK-Q0YXWvyrYLWVq7wAAABA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-06 16:36:05 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 11:35:56.983729 2026] [security2:error] [pid 9075:tid 9075] [client 172.120.141.130:38977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ibcountn.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ibcountn.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYYYbKF5TMsE9vB0crIS1wAAABc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-02 00:10:54 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 19:10:49.045407 2026] [security2:error] [pid 21447:tid 21447] [client 172.120.141.130:37543] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|geceindia.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "geceindia.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX_riWwfN-PR9ccvNcdEhQAAABI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 22:31:13 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 17:31:07.576013 2026] [security2:error] [pid 1581484:tid 1581484] [client 172.120.141.130:23693] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wcsystems.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wcsystems.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aX_UK_sAikwUHZd0DRbRlwAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 22:04:27 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 172.120.141.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 17:04:21.032767 2026] [security2:error] [pid 8098:tid 8098] [client 172.120.141.130:44169] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|eworld-media.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eworld-media.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX_N5QtwinosTwzVM5gDbQAAAFE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 smithclass.net	2026-02-01 20:07:26 (4 months ago)	Feb 1 20:07:25 gravy wordpress(lallygag.net)[917079]: XML-RPC authentication attempt for unknown us ... show more Feb 1 20:07:25 gravy wordpress(lallygag.net)[917079]: XML-RPC authentication attempt for unknown user jason from 172.120.141.130 ... show less	Hacking Brute-Force

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.74.173.39

🇻🇳 103.186.101.237

🇩🇪 69.5.169.163

🇯🇵 47.74.4.129

🇳🇱 45.148.10.240

🇺🇸 44.8.120.55

🇺🇸 34.75.18.35

🇺🇸 18.212.136.75

🇷🇴 193.46.255.86

🇳🇱 176.65.148.81

🇦🇺 45.132.225.219

🇺🇸 44.103.235.193

🇬🇧 35.203.210.203

🇺🇸 2001:468:500:103:9999::228

🇭🇰 103.100.208.168

🇳🇱 91.92.42.10

🇫🇮 45.159.23.161

🇺🇸 44.185.226.107

🇺🇸 44.35.35.132

🇨🇳 39.98.55.206