JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 109.196.160.11

109.196.160.11 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 0%: ?

ISP	HostRoyale Technologies Pvt Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS203020
Domain Name	hostroyale.com
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 109.196.160.11

Whois 109.196.160.11

IP Abuse Reports for 109.196.160.11:

This IP address has been reported a total of 21 times from 13 distinct sources. 109.196.160.11 was first reported on June 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇪 KIDOS	2026-05-07 09:31:57 (1 month ago)	CrowdSec detected malicious activity	DDoS Attack
🇩🇪 Phenix Info	2025-09-04 13:10:23 (9 months ago)	SmallGuard.fr - Empty User Agent	Web App Attack
Anonymous	2025-06-23 02:16:10 (11 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_MODSEC	Brute-Force SSH
🇺🇸 WeekendWeb	2024-08-05 23:19:25 (1 year ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2024-08-03 00:21:53 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 109.196.160.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 109.196.160.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 02 20:21:36.945942 2024] [security2:error] [pid 996990:tid 996999] [client 109.196.160.11:58489] [client 109.196.160.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.196.160.11 (+1 hits since last alert)\|www.rpiusa.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rpiusa.net"] [uri "/xmlrpc.php"] [unique_id "Zq14EOj49WzH_HLN_BqfyQAAAUc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2024-07-23 17:07:38 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 Nick Lewis	2024-06-30 00:36:35 (1 year ago)	(wordpress) Failed wordpress login from 109.196.160.11 (ES/Spain/-)	Brute-Force
🇩🇪 FeG Deutschland	2024-06-30 00:13:01 (1 year ago)	Looking for CMS/PHP/SQL vulnerablilities - 5	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2024-06-29 23:46:55 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 109.196.160.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 109.196.160.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 29 19:46:42.265091 2024] [security2:error] [pid 9243] [client 109.196.160.11:51507] [client 109.196.160.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.196.160.11 (+1 hits since last alert)\|edgecomix.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edgecomix.com"] [uri "/xmlrpc.php"] [unique_id "ZoCc4lOVOdp4NSCgowIHGwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-06-29 22:07:52 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 109.196.160.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 109.196.160.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 29 18:07:37.417212 2024] [security2:error] [pid 31482] [client 109.196.160.11:60445] [client 109.196.160.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.196.160.11 (+1 hits since last alert)\|www.targethk.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.targethk.net"] [uri "/xmlrpc.php"] [unique_id "ZoCFqa-ikEHNK3jj9dr70wAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2024-06-28 04:02:11 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 RLDD	2024-06-23 10:53:29 (1 year ago)	WP login attempts -rld	Brute-Force
🇺🇸 TPI-Abuse	2024-06-13 17:24:18 (2 years ago)	(mod_security) mod_security (id:240335) triggered by 109.196.160.11 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 109.196.160.11 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 13 13:24:04.729290 2024] [security2:error] [pid 19312:tid 47419306473216] [client 109.196.160.11:47625] [client 109.196.160.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 109.196.160.11 (+1 hits since last alert)\|rockabyecotons.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rockabyecotons.com"] [uri "/xmlrpc.php"] [unique_id "ZmsrNGR5yjjJACRCTI2y9gAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-06-13 04:14:39 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇹 neo72	2024-06-12 16:11:29 (2 years ago)	Spam	Email Spam

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.244.168.5

🇨🇱 176.52.133.47

🇮🇳 103.149.197.34

🇩🇪 103.14.32.224

🇸🇬 47.82.10.5

🇦🇺 45.132.225.32

🇮🇳 209.38.120.71

🇺🇸 206.189.202.125

🇳🇱 204.76.203.219

🇳🇵 202.70.78.237

🇳🇱 195.178.110.2

🇮🇷 178.252.169.183

🇸🇬 159.65.143.47

🇸🇦 154.205.134.214

🇺🇸 47.89.230.8

🇸🇬 47.84.62.21

🇸🇬 47.82.10.49

🇸🇬 47.82.10.47

🇺🇸 35.238.233.96

🇬🇧 193.163.125.157