AbuseIPDB » 213.232.123.137
213.232.123.137 was found in our database!
This IP was reported 8 times. Confidence of
Abuse
is 17% : ?
ISP
FINE GROUP SERVERS SOLUTIONS LLC
Usage Type
Data Center/Web Hosting/Transit
ASN
AS35830
Domain Name
finegroupservers.com
Country
๐บ๐ธ
United States of America
City
Newark, New Jersey
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 213.232.123.137 :
This IP address has been reported a total of
8
times from
6 distinct
sources.
213.232.123.137 was first reported on
August 7th 2024 , and the most recent report was
3 weeks ago .
Old Reports:
The most recent abuse report for this IP address is from
3 weeks ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
TPI-Abuse
2026-06-09 15:31:10
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 213.232.123.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.123.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:30:54.165177 2026] [security2:error] [pid 23497:tid 23497] [client 213.232.123.137:48081] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jeranny.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jeranny.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aigxrrefR0cjWbptlVaFJAAAAAU"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-02 03:10:52
(1 month ago)
Web password guessing
Brute-Force
๐บ๐ธ
ambor
2026-05-31 16:44:20
(1 month ago)
Honeypot triggered on tcpdata.com - Attempted to access /wp-login.php (wordpress_login). User-Agent: ...
show more
Honeypot triggered on tcpdata.com - Attempted to access /wp-login.php (wordpress_login). User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
show less
Web App Attack
๐บ๐ธ
kosada.com
2026-05-22 14:20:12
(1 month ago)
Web password guessing
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-21 05:40:13
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.232.123.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.123.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 01:39:59.074056 2026] [security2:error] [pid 5602:tid 5602] [client 213.232.123.137:20191] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||stagemadrid.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stagemadrid.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag6arxudJ_pkbpmyXBG0rQAAAA4"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-18 03:14:19
(1 month ago)
Attempt to scan vulnerabilities
Hacking
Anonymous
2025-03-28 13:09:10
(1 year ago)
This IP was involved in an brute force and password spray attack on 2025/03/28 08:02:56
Port Scan
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
Yawning Angel
2024-08-07 10:15:47
(1 year ago)
msg=SSL user failed to logged in logdesc=SSL VPN login fail user=lrivera remip=213.232.123.137 group ...
show more
msg=SSL user failed to logged in logdesc=SSL VPN login fail user=lrivera remip=213.232.123.137 group=N/A tunnelid=0 tunneltype=ssl-web dst_host=N/A reason=sslvpn_login_permission_denied
show less
Hacking
Brute-Force
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: