JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 102.88.54.116

102.88.54.116 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 27%: ?

27%

ISP	MTN Nigeria
Usage Type	Fixed Line ISP
ASN	AS29465
Domain Name	mtnnigeria.net
Country	🇳🇬 Nigeria
City	Lagos, Lagos

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 102.88.54.116

Whois 102.88.54.116

IP Abuse Reports for 102.88.54.116:

This IP address has been reported a total of 28 times from 23 distinct sources. 102.88.54.116 was first reported on May 23rd 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-06-09 20:08:58 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-06-08 23:16:59 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 102.88.54.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 102.88.54.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 19:16:54.898942 2026] [security2:error] [pid 24670:tid 24670] [client 102.88.54.116:20206] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wealthsec.com"] [uri "/.env.production"] [unique_id "aidNZhVUZZs6WmLEVWQv4AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-08 22:23:37 (1 week ago)	[TueJun0900:23:31.0749662026][security2:error][pid1922203:tid1922378][client102.88.54.116:0]ModSecur ... show more [TueJun0900:23:31.0749662026][security2:error][pid1922203:tid1922378][client102.88.54.116:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"ppinvestment.ch\"][uri\"/.env.production\"][unique_id\"aidA43ZmflISMJ6VievLyQAAANI\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 21:04:03 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 102.88.54.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 102.88.54.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 17:03:58.123502 2026] [security2:error] [pid 31353:tid 31353] [client 102.88.54.116:22530] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "digitaltom.com"] [uri "/.env"] [unique_id "aicuPrjPSwmOS2-GW8xYzwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-01 09:36:40 (3 weeks ago)	102.88.54.116 - - [01/Jun/2026:11:36:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.co ... show more 102.88.54.116 - - [01/Jun/2026:11:36:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com" 102.88.54.116 - - [01/Jun/2026:11:36:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" 102.88.54.116 - - [01/Jun/2026:11:36:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" show less	Hacking Web App Attack
Anonymous	2026-05-16 19:27:28 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇮🇹 VHosting	2025-12-23 11:23:14 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇫🇷 dynamix	2025-12-08 13:43:58 (6 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 getdk	2025-12-08 13:43:07 (6 months ago)	[Mon Dec 08 13:36:14.167872 2025] [security2:error] [pid 4957] [client 102.88.54.116:3331] [client 1 ... show more [Mon Dec 08 13:36:14.167872 2025] [security2:error] [pid 4957] [client 102.88.54.116:3331] [client 102.88.54.116] ModSecurity: Access denied with code 403 (phase ... show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-08 13:14:31 (6 months ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
🇫🇷 Guardian	2025-12-08 12:57:18 (6 months ago)	Multi abuses [2]: Unauthorized attempt to retrieve configuration file, Unauthorized connection attem ... show more Multi abuses [2]: Unauthorized attempt to retrieve configuration file, Unauthorized connection attempt / Port scanning 102.88.54.116 [08/Dec/2025:12:57:17] "GET /.env HTTP/1.1" 102.88.54.116 [08/Dec/2025:12:57:17] "GET / HTTP/1.1" show less	Port Scan Web App Attack
🇺🇸 bazter.pro	2025-12-08 12:13:00 (6 months ago)	Auto-Ban [2025-12-08 14:12:52]: Suspicious + RateLimit [Paths: 2] \| Details: Sensitive files/paths: ... show more Auto-Ban [2025-12-08 14:12:52]: Suspicious + RateLimit [Paths: 2] \| Details: Sensitive files/paths: /.env, /.env, /.env, /.env, /.env \| Other paths: /.env, / show less	Web App Attack
🇳🇱 Savvii	2025-12-08 11:53:26 (6 months ago)	20 attempts against mh-misbehave-ban on anise	Brute-Force Bad Web Bot Web App Attack
🇦🇹 HoneyPotEu-AT	2025-12-08 11:52:19 (6 months ago)	102.88.54.116 - - [redacted] [08/Dec/2025:12:52:03 +0100] "GET /.env HTTP/1.1" 404 118 "-" "python-r ... show more 102.88.54.116 - - [redacted] [08/Dec/2025:12:52:03 +0100] "GET /.env HTTP/1.1" 404 118 "-" "python-requests/2.26.0" 0.000 - - 102.88.54.116 - - [redacted] [08/Dec/2025:12:52:03 +0100] "POST / ... show less	Bad Web Bot Web App Attack
🇧🇾 lns.bz	2025-11-12 21:04:05 (7 months ago)	.env scanning [BY]	Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 188.240.59.42

🇮🇹 158.173.77.142

🇺🇸 139.144.239.72

🇮🇳 122.187.249.88

🇨🇳 112.28.89.134

🇳🇱 45.148.10.141

🇫🇮 2a00:1450:4010:c02::127

🇨🇳 222.246.61.222

🇧🇷 189.123.37.115

🇮🇳 182.95.127.42

🇮🇳 182.95.91.86

🇮🇹 158.173.77.98

🇮🇹 158.173.77.65

🇮🇹 158.173.77.18

🇺🇸 147.185.132.105

🇨🇳 123.163.114.138

🇰🇷 119.192.210.110

🇨🇳 111.26.63.89

🇺🇸 64.62.156.164

🇸🇬 2404:6800:4003:c05::128