JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.109.231.227

213.109.231.227 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 74%: ?

74%

ISP	Teleradiocompany Discovery Ltd.
Usage Type	Fixed Line ISP
ASN	AS47702
Domain Name	tvnet.if.ua
Country	🇺🇦 Ukraine
City	Ivano-Frankivsk, Ivano-Frankivsk

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.109.231.227

Whois 213.109.231.227

IP Abuse Reports for 213.109.231.227:

This IP address has been reported a total of 20 times from 13 distinct sources. 213.109.231.227 was first reported on June 12th 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 konseptit	2026-06-23 12:59:02 (14 hours ago)	(wordpress) Failed wordpress login from 213.109.231.227 (UA/Ukraine/-)	Brute-Force
Anonymous	2026-06-23 12:27:20 (15 hours ago)	[redacted] 213.109.231.227 - - [23/Jun/2026:14:26:36 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" ... show more [redacted] 213.109.231.227 - - [23/Jun/2026:14:26:36 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" [redacted] 213.109.231.227 - - [23/Jun/2026:14:26:47 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com" [redacted] 213.109.231.227 - - [23/Jun/2026:14:26:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com" [redacted] 213.109.231.227 - - [23/Jun/2026:14:27:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.1; WordPress/6.2; http://site77528046.com" [redacted] 213.109.231.227 - - [23/Jun/2026:14:27:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/13.0; WordPress/6.3; http://site55811318.com" ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-06-23 12:27:04 (15 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 10:27:04 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 213.109.231.227 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 213.109.231.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 06:26:56.810843 2026] [security2:error] [pid 11898:tid 11898] [client 213.109.231.227:65296] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.109.231.227 (+1 hits since last alert)\|portlunchgroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "portlunchgroup.com"] [uri "/xmlrpc.php"] [unique_id "ajpfcCeDpHny9mjxlqLJOgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 bittiguru.fi	2026-06-23 08:09:33 (19 hours ago)	213.109.231.227 - [23/Jun/2026:11:09:24 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack/12 ... show more 213.109.231.227 - [23/Jun/2026:11:09:24 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack/12.5; WordPress/6.4; http://site12788828.com" "-" 213.109.231.227 - [23/Jun/2026:11:09:33 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18050 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" "-" ... show less	Hacking Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2026-06-23 07:54:17 (19 hours ago)	213.109.231.227 - [23/Jun/2026:10:54:08 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack by ... show more 213.109.231.227 - [23/Jun/2026:10:54:08 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack by WordPress.com" "-" 213.109.231.227 - [23/Jun/2026:10:54:17 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18050 "-" "WordPress.com; https://wordpress.com" "-" ... show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 08:36:36 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 213.109.231.227 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 213.109.231.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 04:36:31.731903 2026] [security2:error] [pid 10581:tid 10581] [client 213.109.231.227:50240] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.109.231.227 (+1 hits since last alert)\|riser-astrology.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "riser-astrology.com"] [uri "/xmlrpc.php"] [unique_id "ajj0DzsK9u8voMy2rIOJ2AAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2026-06-22 08:05:12 (1 day ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-22 07:35:31 (1 day ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇲🇾 Rizzy	2026-06-22 06:04:51 (1 day ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 dbmwebdesign	2026-06-18 12:20:36 (5 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
Anonymous	2026-06-17 09:49:31 (6 days ago)	Blocked by ModSec and CSF	Port Scan
🇩🇪 konseptit	2026-06-15 13:19:37 (1 week ago)	(wordpress) Failed wordpress login from 213.109.231.227 (UA/Ukraine/-)	Brute-Force
Anonymous	2026-06-15 12:33:07 (1 week ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇫🇷 SpaceHost-Server	2026-06-15 10:29:21 (1 week ago)	213.109.231.227 - - [15/Jun/2026:12:28:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack b ... show more 213.109.231.227 - - [15/Jun/2026:12:28:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 213.109.231.227 - - [15/Jun/2026:12:29:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com" 213.109.231.227 - - [15/Jun/2026:12:29:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com" show less	Hacking Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.90.233.165

🇺🇸 216.25.89.77

🇨🇳 182.244.0.150

🇮🇹 176.125.230.14

🇸🇬 101.47.158.56

🇳🇱 91.92.40.10

🇺🇸 45.79.177.245

🇧🇷 43.164.192.40

🇧🇪 35.205.242.102

🇺🇸 20.65.194.143

🇨🇳 14.18.122.240

🇰🇷 218.144.90.41

🇬🇧 195.206.182.194

🇳🇱 176.65.139.114

🇺🇸 154.40.36.4

🇩🇪 134.122.79.54

🇨🇳 112.86.225.15

🇳🇬 105.112.18.225

🇸🇬 103.136.221.55

🇮🇳 103.107.60.45