AbuseIPDB » 172.121.220.56
172.121.220.56 was found in our database!
This IP was reported 8 times. Confidence of
Abuse
is 3% : ?
ISP
EGIHosting
Usage Type
Fixed Line ISP
ASN
AS3257
Domain Name
egihosting.com
Country
๐บ๐ธ
United States of America
City
Dallas, Texas
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 172.121.220.56 :
This IP address has been reported a total of
8
times from
5 distinct
sources.
172.121.220.56 was first reported on
November 25th 2022 , and the most recent report was
3 days ago .
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
Jason Howell
2026-07-11 13:26:46
(3 days ago)
172.121.220.56 - - [11/Jul/2026:08:26:35 -0500] "GET /wp-login.php?action=lostpassword&redirect_to=h ...
show more
172.121.220.56 - - [11/Jul/2026:08:26:35 -0500] "GET /wp-login.php?action=lostpassword&redirect_to=https://www.golfbackspin.com/ HTTP/1.1" 200 1893 "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4a) Gecko/20030401"
172.121.220.56 - - [11/Jul/2026:08:26:42 -0500] "GET /wp-login.php?action=lostpassword&redirect_to=https://www.golfbackspin.com/frequently-asked-questions/ HTTP/1.1" 200 1910 "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4a) Gecko/20030401"
172.121.220.56 - - [11/Jul/2026:08:26:43 -0500] "GET /wp-login.php?action=lostpassword&redirect_to=https://www.golfbackspin.com/book-online/ HTTP/1.1" 200 1902 "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4a) Gecko/20030401"
172.121.220.56 - - [11/Jul/2026:08:26:44 -0500] "GET /wp-login.php?action=lostpassword&redirect_to=https://www.golfbackspin.com/golf-simulators/ HTTP/1.1" 200 1903 "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.4a) Gecko/20030401"
172.121.220.5
...
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2026-04-13 23:11:52
(3 months ago)
ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/172.121.220.56
20 ...
show more
ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/172.121.220.56
2026-04-13 13:16:02 /cc.gif
2026-04-13 13:16:49 /cc.gif
2026-04-13 13:37:43 /cc.gif
show less
Web App Attack
๐จ๐ณ
ThreatBook.io
2025-03-01 23:28:05
(1 year ago)
ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/172.121.220.56
20 ...
show more
ThreatBook Intelligence: Zombie,vpn_proxy more details on https://threatbook.io/ip/172.121.220.56
2025-03-01 04:22:06 /
2025-03-01 04:22:08 /robots.txt
2025-03-01 04:22:08 /
show less
Web App Attack
๐ท๐ธ
Smel
2024-03-16 18:08:15
(2 years ago)
Unauthorized Probe/Connection, Hack -
Port Scan
Hacking
Anonymous
2023-11-27 06:09:45
(2 years ago)
Malicious activity detected
Hacking
Web App Attack
๐ท๐ธ
Smel
2023-09-25 13:03:49
(2 years ago)
Unauthorized Probe/Connection, Hack -
Port Scan
Hacking
๐จ๐ณ
ThreatBook.io
2023-02-07 22:28:45
(3 years ago)
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/172.121.220.56
2023-02-07 13 ...
show more
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/172.121.220.56
2023-02-07 13:49:38 /docs/config/listeners.html
show less
Web App Attack
๐ฎ๐ฉ
hermawan
2022-11-25 08:17:00
(3 years ago)
[Fri Nov 25 20:14:27.027470 2022] [-:error] [pid 749453:tid 140043116369472] [client 172.121.220.56: ...
show more
[Fri Nov 25 20:14:27.027470 2022] [-:error] [pid 749453:tid 140043116369472] [client 172.121.220.56:50703] [client 172.121.220.56] ModSecurity: Access denied with code 403 (phase 2). String match within "/accept-charset/ /content-encoding/ /proxy/ /lock-token/ /content-range/ /if/" at TX:header_name_accept-charset. [file "/etc/modsecurity/coreruleset-3.3.4/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1363"] [id "920450"] [msg "HTTP header is restricted by policy (/accept-charset/)"] [data "Restricted header detected: /accept-charset/"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/12.1"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/analisis-iklim/analisis-musim/normal-awal-musim-hujan"] [unique_id "Y4C_sxzKlOgWGl4ttnIxYQAAAXc"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[749580] [
...
show less
Hacking
Web App Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: