JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.232.120.89

213.232.120.89 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 13%: ?

13%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.232.120.89

Whois 213.232.120.89

IP Abuse Reports for 213.232.120.89:

This IP address has been reported a total of 13 times from 9 distinct sources. 213.232.120.89 was first reported on March 19th 2022, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-06 01:10:47 (14 hours ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 21:10:31.047610 2026] [security2:error] [pid 30942:tid 30942] [client 213.232.120.89:12661] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|infinite-e.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "infinite-e.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiNzh0bkq9GV1sUCwORhngAAAA8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-05-11 17:00:05 (3 weeks ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-10 03:35:00 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 23:34:43.896930 2026] [security2:error] [pid 2163:tid 2163] [client 213.232.120.89:58527] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|machinetoolsjwk.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "machinetoolsjwk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "af_805LEv3HsXoHgIQXugQAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-05 09:20:37 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 05:20:22.769056 2026] [security2:error] [pid 16086:tid 16086] [client 213.232.120.89:22763] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adIpVkcyxmEIoVQX2l8cmgAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ambor	2026-04-04 01:34:45 (2 months ago)	Honeypot access: WordPress admin access attempt. Path: /wp-login.php	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 13:39:47 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 09:39:29.019890 2026] [security2:error] [pid 5488:tid 5488] [client 213.232.120.89:25353] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tolenaar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tolenaar.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acvOkQnJFpDDfQJ85QSJ-AAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 08:11:07 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 213.232.120.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 04:10:53.875793 2026] [security2:error] [pid 2057:tid 2057] [client 213.232.120.89:26145] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|willymoc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "willymoc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acuBjSAeWjiuEkCeJycvWQAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-02-08 22:18:19 (1 year ago)	WP Login Scan Activities	Web App Attack
🇷🇺 sms.ru	2024-09-20 16:40:08 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇩🇪 NxtGenIT	2024-06-04 21:26:05 (2 years ago)	213.232.120.89 has been observed attacking Port 1812. Observed Threat: RADIUS Login Brute Force Atte ... show more 213.232.120.89 has been observed attacking Port 1812. Observed Threat: RADIUS Login Brute Force Attempt show less	Brute-Force
🇲🇾 syokadmin	2024-02-16 20:35:47 (2 years ago)	213.232.120.89 (NL/The Netherlands/-), more than 2 Apache 403 hits in the last 3600 secs	Brute-Force
🇷🇸 Smel	2023-12-14 08:30:35 (2 years ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
Anonymous	2022-03-19 22:30:00 (4 years ago)	Password Spary Attack	Brute-Force Exploited Host

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.194.220.230

🇳🇱 45.148.10.152

🇺🇸 206.204.38.110

🇺🇸 206.189.233.36

🇹🇳 197.17.11.166

🇷🇺 195.133.217.62

🇮🇳 182.95.182.166

🇷🇺 178.218.116.43

🇩🇪 155.117.127.214

🇨🇦 143.110.213.72

🇰🇷 59.24.133.197

🇫🇷 51.210.0.2

🇳🇱 46.8.68.144

🇹🇳 196.227.22.215

🇷🇴 193.32.162.80

🇳🇱 176.65.139.236

🇵🇱 143.20.97.223

🇬🇧 35.203.211.120

🇬🇧 35.203.210.147

🇺🇸 208.84.100.238