JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 62.204.49.120

62.204.49.120 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 8%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 62.204.49.120

Whois 62.204.49.120

IP Abuse Reports for 62.204.49.120:

This IP address has been reported a total of 20 times from 8 distinct sources. 62.204.49.120 was first reported on May 23rd 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-20 19:15:05 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 15:14:58.985400 2026] [security2:error] [pid 28917:tid 28917] [client 62.204.49.120:41685] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iconflgc.com"] [uri "/wp-config.txt"] [unique_id "ag4IMrOoXBdqMxFb6SIW3AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 17:59:09 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 13:59:00.550374 2026] [security2:error] [pid 31726:tid 31726] [client 62.204.49.120:24951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cienmalos.com"] [uri "/.wp-config.php.swp"] [unique_id "ag32ZCPIFf4Ahmr10aXIogAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 16:07:41 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:07:36.406520 2026] [security2:error] [pid 16848:tid 16848] [client 62.204.49.120:52125] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paulsingdahlsen.com"] [uri "/wp-config.php.old"] [unique_id "ag3cSFYKALrVl4FPDKVsowAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 12:57:11 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 08:57:03.961851 2026] [security2:error] [pid 30748:tid 30748] [client 62.204.49.120:60947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bonesband.com"] [uri "/wp-config.php.save"] [unique_id "ag2vn-yn6sYODFSubZ1MrgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Matthew Ping	2026-05-16 00:00:06 (1 month ago)	ModSecurity rule 949110 triggered on wp3. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇬🇧 Celtic	2026-04-15 00:59:24 (2 months ago)	Blocked by Fail2Ban with Jail (plesk-modsecurity)	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-03-25 07:25:32 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 62.204.49.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 03:25:00.538978 2026] [security2:error] [pid 4604:tid 4604] [client 62.204.49.120:12629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csm-dtc.com"] [uri "/wp-config.php.original"] [unique_id "acONzK4uMCF9Rfb40iEhYQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 agenciahypelab.com.br	2026-02-06 01:32:17 (4 months ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
🇨🇿 lp	2025-12-04 20:50:28 (6 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 62.204.49.120 2025-12-04T20:43:10+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 62.204.49.120 2025-12-04T20:43:10+01:00 vpn Access-Reject 'user4' station: 62.204.49.120 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-12-03 07:24:39 (6 months ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 62.204.49.120 2025-12-03T06:58:26+01: ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 62.204.49.120 2025-12-03T06:58:26+01:00 vpn Access-Reject 'student1' station: 62.204.49.120 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-12-03T07:35:55+01:00 vpn Access-Reject 'success3' station: 62.204.49.120 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-12-02 19:24:06 (6 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 62.204.49.120 2025-12-02T20:00:52+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 62.204.49.120 2025-12-02T20:00:52+01:00 vpn Access-Reject 'scan' station: 62.204.49.120 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-03-20 16:29:50 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 62.204.49.120 2025-03-20T16:13:38+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 62.204.49.120 2025-03-20T16:13:38+01:00 vpn Access-Reject 'Garman' station: 62.204.49.120 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-03-19 11:53:16 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 62.204.49.120 2025-03-19T12:35:51+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 62.204.49.120 2025-03-19T12:35:51+01:00 vpn Access-Reject 'russman' station: 62.204.49.120 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇸🇪 OnTheEdge	2025-03-14 20:16:54 (1 year ago)	Password spraying. Multiple unauthorized login attempts	Hacking Web App Attack
🇪🇸 el-brujo	2024-06-09 21:23:00 (2 years ago)	DDoS Attack Layer 7 - REQUESTS / HTTP/2.0	DDoS Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 2a09:bac5:658:7af::c4:28

🇮🇳 139.5.38.240

🇺🇸 98.157.226.42

🇺🇸 65.49.1.122

🇳🇱 45.153.34.195

🇬🇧 35.203.211.101

🇬🇧 185.216.145.184

🇨🇳 183.150.183.63

🇩🇪 167.94.145.29

🇺🇸 141.11.88.18

🇭🇰 112.120.171.95

🇬🇧 95.147.15.250

🇮🇷 89.36.226.8

🇺🇸 69.73.187.130

🇧🇷 201.17.146.173

🇹🇷 185.93.69.169

🇺🇸 152.32.233.100

🇹🇼 114.34.106.146

🇵🇹 109.50.185.153

🇻🇳 103.200.24.17