JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 212.58.120.227

212.58.120.227 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 4%: ?

ISP	Magticom
Usage Type	Mobile ISP
ASN	AS16010
Domain Name	magticom.ge
Country	🇬🇪 Georgia
City	Tbilisi, Tbilisi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 212.58.120.227

Whois 212.58.120.227

IP Abuse Reports for 212.58.120.227:

This IP address has been reported a total of 14 times from 9 distinct sources. 212.58.120.227 was first reported on March 5th 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-25 19:50:13 (2 days ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-08 04:01:37 (2 months ago)	(mod_security) mod_security (id:218580) triggered by 212.58.120.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:218580) triggered by 212.58.120.227 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 00:01:32.075775 2026] [security2:error] [pid 2635064:tid 2635064] [client 212.58.120.227:12316] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:c. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "76"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.\|\|watermarks.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "watermarks.info"] [uri "/bus.php"] [unique_id "adXTHHRBKumefxSbazThIAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 maxxsense	2026-04-03 23:05:03 (2 months ago)	212.58.120.227 (GE/Georgia/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
🇺🇸 kosada.com	2026-03-17 14:20:37 (3 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 eacontent	2026-03-10 12:43:00 (3 months ago)	212.58.120.227 - - [24/Feb/2026:06:50:14 -0500] "GET /subscribe/subscription_customer_edit.php?setup ... show more 212.58.120.227 - - [24/Feb/2026:06:50:14 -0500] "GET /subscribe/subscription_customer_edit.php?setup=accountAND%2F%2A%2A%2FROW%289126%2C7903%29%3E%28SELECT%2F%2A%2A%2FCOUNT%28%2A%29%2CCONCAT%28%27~%27%2C%28SELECT%2F%2A%2A%2F%28ELT%289126%3D9126%2C1%29%29%29%2C%27~%27%2CFLOOR%28RAND%280%29%2A2%29%29x%2F%2A%2A%2FFROM%2F%2A%2A%2F%28SELECT%2F%2A%2A%2F10920%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F7066%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F6877%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F1783%29a%2F%2A%2A%2FGROUP%2F%2A%2A%2FBY%2F%2A%2A%2Fx%29%23 HTTP/1.1" 404 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" show less	SQL Injection
🇺🇸 tropicalidad.be	2026-03-03 07:27:20 (3 months ago)	blog comment/referrer spam	Web Spam
🇺🇸 TPI-Abuse	2026-01-14 14:58:16 (5 months ago)	(mod_security) mod_security (id:210730) triggered by 212.58.120.227 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 212.58.120.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 14 09:58:13.237904 2026] [security2:error] [pid 4183209:tid 4183209] [client 212.58.120.227:32024] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.williamfitzsimmons.com\|F\|2"] [data ".majesticmadison.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.williamfitzsimmons.com"] [uri "/www.majesticmadison.com"] [unique_id "aWevBQtZpqUykIPr9vfVCQAAAAs"], referer: http://www.williamfitzsimmons.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-05 09:01:48 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
Anonymous	2025-11-24 17:42:32 (7 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-18 11:20:33 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇳🇱 exxos	2025-07-31 03:26:44 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇳🇱 exxos	2025-07-30 02:09:48 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇬🇧 Steve	2021-03-05 11:22:50 (5 years ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.223.107.86

🇪🇬 197.44.33.58

🇲🇽 187.191.48.4

🇨🇴 186.146.235.58

🇻🇳 180.93.172.213

🇨🇳 115.56.238.174

🇳🇱 78.142.18.40

🇺🇸 76.87.164.167

🇨🇳 36.33.167.165

🇮🇳 223.233.87.52

🇮🇳 192.178.119.28

🇹🇭 147.50.231.135

🇳🇬 62.173.38.229

🇬🇧 5.226.140.31

🇲🇾 2001:f40:92d:213:b173:6e5b:eeb7:19a9

🇬🇧 217.146.80.119

🇩🇪 213.209.159.225

🇹🇼 198.235.24.111

🇺🇸 198.46.131.42

🇧🇷 179.51.153.37