JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.232.120.227

213.232.120.227 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 12%: ?

12%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.232.120.227

Whois 213.232.120.227

IP Abuse Reports for 213.232.120.227:

This IP address has been reported a total of 14 times from 6 distinct sources. 213.232.120.227 was first reported on February 17th 2021, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 inlink.ltd	2026-05-27 18:12:07 (3 weeks ago)	Known malicious PHP file or CMS probe	Web App Attack
🇺🇸 TPI-Abuse	2026-05-03 16:59:31 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 12:59:17.945710 2026] [security2:error] [pid 20408:tid 20408] [client 213.232.120.227:61677] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|saratogaequity.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "saratogaequity.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afd-5TnNhOQaPJ_ot_sSqgAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-29 00:03:50 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 20:03:36.625821 2026] [security2:error] [pid 23327:tid 23327] [client 213.232.120.227:59663] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|zentinex.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zentinex.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afFK2I2tKtPrVrpI1rP2cwAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 21:26:07 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 17:25:52.925870 2026] [security2:error] [pid 25373:tid 25373] [client 213.232.120.227:38971] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tremulant.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tremulant.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae6C4N_eDpoRyfmfMy84cgAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-19 12:17:11 (1 month ago)	FPROCO WEBEXPLOIT 213.232.120.227 (213.232.120.227)	Web App Attack
🇺🇸 TPI-Abuse	2026-03-24 16:38:24 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 12:38:08.191216 2026] [security2:error] [pid 20209:tid 20209] [client 213.232.120.227:17401] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|btsalesrep.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "btsalesrep.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acK98M1gsHFtTJU-X3ogbQAAABg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-23 23:02:27 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 19:02:12.406373 2026] [security2:error] [pid 22844:tid 22844] [client 213.232.120.227:27397] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|timjbutler.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "timjbutler.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acHGdIIJHqxpfNCtdGEo7QAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-04 07:31:16 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 04 02:30:59.412271 2026] [security2:error] [pid 5396:tid 5396] [client 213.232.120.227:23031] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaffs6w1nD4SUJe1bOxL0wAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2023-12-28 08:52:05 (2 years ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 213.232.120.227 (NL/The Netherlands/ ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 213.232.120.227 (NL/The Netherlands/-): 2 in the last 3600 secs show less	Web App Attack
🇺🇸 octageeks.com	2021-12-26 00:09:58 (4 years ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 octageeks.com	2021-12-25 00:09:09 (4 years ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 octageeks.com	2021-12-24 00:08:53 (4 years ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 octageeks.com	2021-12-23 00:08:39 (4 years ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇨🇭 backslash	2021-02-17 03:20:13 (5 years ago)		Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.207.55.165

🇩🇪 185.242.3.226

🇧🇷 179.98.168.69

🇺🇸 162.216.149.136

🇫🇮 147.185.133.48

🇺🇸 135.119.16.170

🇯🇵 133.18.110.227

🇸🇸 102.211.193.146

🇧🇬 79.124.60.146

🇺🇸 20.83.32.182

🇧🇷 205.210.31.167

🇨🇳 125.77.73.145

🇯🇵 124.18.182.99

🇺🇸 73.158.129.119

🇻🇳 27.79.45.134

🇬🇧 185.247.137.103

🇺🇸 168.100.149.230

🇭🇰 165.154.41.205

🇩🇪 164.92.129.176

🇮🇳 122.187.224.173