JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.118.2.113

116.118.2.113 was found in our database!

This IP was reported 3,127 times. Confidence of Abuse is 100%: ?

100%

ISP	ADSL service
Usage Type	Fixed Line ISP
ASN	AS7602
Domain Name	spt.vn
Country	🇻🇳 Viet Nam
City	Quan Bay, Ho Chi Minh City (HCMC)

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.118.2.113

Whois 116.118.2.113

IP Abuse Reports for 116.118.2.113:

This IP address has been reported a total of 3,127 times from 340 distinct sources. 116.118.2.113 was first reported on February 11th 2023, and the most recent report was 8 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 bittiguru.fi	2026-01-18 16:31:57 (4 months ago)	116.118.2.113 - [18/Jan/2026:18:31:27 +0200] "POST /xmlrpc.php HTTP/2.0" 404 15135 "-" "Mozilla/5.0 ... show more 116.118.2.113 - [18/Jan/2026:18:31:27 +0200] "POST /xmlrpc.php HTTP/2.0" 404 15135 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 OPR/50.0.2762.67" "5.67" 116.118.2.113 - [18/Jan/2026:18:31:56 +0200] "POST /xmlrpc.php HTTP/2.0" 404 15335 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7" "4.88" ... show less	Hacking Brute-Force Web App Attack
Anonymous	2026-01-18 16:19:54 (4 months ago)	116.118.2.113 - - [18/Jan/2026:17:19:52 +0100] "POST /xmlrpc.php HTTP/1.1" 200 426 ...	Brute-Force Bad Web Bot
🇫🇮 bittiguru.fi	2026-01-18 16:15:00 (4 months ago)	116.118.2.113 - [18/Jan/2026:18:11:23 +0200] "POST /xmlrpc.php HTTP/2.0" 404 15323 "-" "Mozilla/5.0 ... show more 116.118.2.113 - [18/Jan/2026:18:11:23 +0200] "POST /xmlrpc.php HTTP/2.0" 404 15323 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36" "5.52" 116.118.2.113 - [18/Jan/2026:18:14:59 +0200] "POST /xmlrpc.php HTTP/2.0" 404 20 "-" "Mozilla/5.0 (Windows NT 6.3; Win64, x64; Trident/7.0; rv:11.0) like Gecko" "0.00" ... show less	Hacking Brute-Force Web App Attack
🇺🇸 smithclass.net	2026-01-18 16:13:41 (4 months ago)	Jan 18 16:13:40 gravy wordpress(smithclass.net)[811671]: XML-RPC authentication attempt for unknown ... show more Jan 18 16:13:40 gravy wordpress(smithclass.net)[811671]: XML-RPC authentication attempt for unknown user gsmithsewanee-edu from 116.118.2.113 ... show less	Hacking Brute-Force
🇩🇪 hchristo	2026-01-18 15:58:05 (4 months ago)	[Sun Jan 18 16:50:41.922539 2026] [access_compat:error] [pid 57124:tid 57149] [remote 116.118.2.113: ... show more [Sun Jan 18 16:50:41.922539 2026] [access_compat:error] [pid 57124:tid 57149] [remote 116.118.2.113:44340] AH01797: client denied by server configuration: /var/www/kd1129/htdocs/mg-ambulante-pflege.de/www.mg-ambulante-pflege.de/wp-login.php [Sun Jan 18 16:50:42.415884 2026] [access_compat:error] [pid 57124:tid 57142] [remote 116.118.2.113:44340] AH01797: client denied by server configuration: /var/www/kd1129/htdocs/mg-ambulante-pflege.de/www.mg-ambulante-pflege.de/wp-login.php, referer: https://mg-ambulante-pflege.de/wp-login.php [Sun Jan 18 16:58:01.567594 2026] [access_compat:error] [pid 57124:tid 57167] [remote 116.118.2.113:55288] AH01797: client denied by server configuration: /var/www/kd1130/htdocs/MK-Bau.gmbh/xmlrpc.php [Sun Jan 18 16:58:03.034138 2026] [access_compat:error] [pid 57124:tid 57160] [remote 116.118.2.113:55298] AH01797: client denied by server configuration: /var/www/kd1130/htdocs/MK-Bau.gmbh/xmlrpc.php [Sun Jan 18 16:58:04.643214 2026] [access_compat:error] [pid 5 ... show less	Brute-Force
🇲🇹 Malta	2026-01-18 15:57:48 (4 months ago)	116.118.2.113 - - [18/Jan/2026:16:57:48 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 116.118.2.113 - - [18/Jan/2026:16:57:48 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 6.3; ARM; Trident/7.0; Touch; ARMBJS; rv:11.0) like Gecko" show less	Hacking Web App Attack
🇫🇮 bittiguru.fi	2026-01-18 15:55:32 (4 months ago)	116.118.2.113 - [18/Jan/2026:17:50:35 +0200] "POST /xmlrpc.php HTTP/2.0" 404 22550 "-" "Mozilla/5.0 ... show more 116.118.2.113 - [18/Jan/2026:17:50:35 +0200] "POST /xmlrpc.php HTTP/2.0" 404 22550 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.170 Safari/537.36 OPR/53.0.2907.68" "3.37" 116.118.2.113 - [18/Jan/2026:17:55:32 +0200] "POST /xmlrpc.php HTTP/2.0" 404 9917 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; Touch; SMJB; rv:11.0) like Gecko" "5.13" ... show less	Hacking Brute-Force Web App Attack
🇺🇸 mind5t0rm	2026-01-18 15:48:29 (4 months ago)	(WPLOGIN) WP Login Attack 116.118.2.113 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Tr ... show more (WPLOGIN) WP Login Attack 116.118.2.113 (-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 116.118.2.113 - - [18/Jan/2026:22:45:28 +0700] "GET /wp-login.php HTTP/1.1" 200 2466 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; MATM; rv:11.0) like Gecko" 116.118.2.113 - - [18/Jan/2026:22:45:30 +0700] "POST /wp-login.php HTTP/1.1" 200 2602 "https://zerowaterthailand.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; MATM; rv:11.0) like Gecko" 116.118.2.113 - - [18/Jan/2026:22:48:29 +0700] "GET /wp-login.php HTTP/1.1" 200 2466 "-" "Mozilla/5.0 (Windows NT 6.2; ARM; Trident/7.0; Touch; rv:11.0; WPDesktop; NOKIA; Lumia 1320) like Gecko" show less	Port Scan
🇩🇪 Nerdscave Hosting	2026-01-18 15:40:19 (4 months ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇫🇷 Yepngo	2026-01-18 15:38:22 (4 months ago)	116.118.2.113 - - [18/Jan/2026:16:17:53 +0100] "POST /wp-login.php HTTP/2.0" 200 12087 "https://www. ... show more 116.118.2.113 - - [18/Jan/2026:16:17:53 +0100] "POST /wp-login.php HTTP/2.0" 200 12087 "https://www.yepngo.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.162 Safari/537.36" 116.118.2.113 - - [18/Jan/2026:16:38:21 +0100] "POST /wp-login.php HTTP/2.0" 200 12084 "https://www.yepngo.com/wp-login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; InfoPath.2)" ... show less	Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2026-01-18 15:35:28 (4 months ago)	116.118.2.113 - [18/Jan/2026:17:32:29 +0200] "POST /wp-login.php HTTP/2.0" 403 2828 "https://effc.fi ... show more 116.118.2.113 - [18/Jan/2026:17:32:29 +0200] "POST /wp-login.php HTTP/2.0" 403 2828 "https://effc.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:60.0) Gecko/20100101 Firefox/60.0" "3.42" 116.118.2.113 - [18/Jan/2026:17:32:58 +0200] "POST /wp-login.php HTTP/2.0" 403 3156 "https://www.articstore.fi/wp-login.php" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36" "3.25" 116.118.2.113 - [18/Jan/2026:17:34:12 +0200] "POST /wp-login.php HTTP/2.0" 403 3188 "https://vatupassi.fi/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:60.0) Gecko/20100101 Firefox/60.0" "3.27" 116.118.2.113 - [18/Jan/2026:17:35:06 +0200] "POST /wp-login.php HTTP/2.0" 403 3175 "https://patteristo.fi/wp-login.php" "Mozilla/5.0 (Windows NT 6.2; ARM; Trident/7.0; Touch; rv:11.0; WPDesktop; NOKIA; Lumia 630) like Gecko" "3.14" 116.118.2.113 - [18/Jan/2026:17:35:28 +0200] "POST /wp-login.php HTTP/2.0" 403 3014 "https://deli-china.fi/wp- ... show less	Hacking Brute-Force Web App Attack
🇺🇸 myagent.site	2026-01-18 15:26:30 (4 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇫🇮 bittiguru.fi	2026-01-18 15:16:31 (4 months ago)	116.118.2.113 - [18/Jan/2026:17:15:57 +0200] "POST /xmlrpc.php HTTP/2.0" 404 20 "-" "Mozilla/5.0 (Wi ... show more 116.118.2.113 - [18/Jan/2026:17:15:57 +0200] "POST /xmlrpc.php HTTP/2.0" 404 20 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; MASN; rv:11.0) like Gecko" "0.00" 116.118.2.113 - [18/Jan/2026:17:16:30 +0200] "POST /xmlrpc.php HTTP/2.0" 404 22550 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 OPR/50.0.2762.67" "3.37" ... show less	Hacking Brute-Force Web App Attack
🇬🇧 Steve	2026-01-18 15:12:45 (4 months ago)	Abuse of XMLRPC	Brute-Force Web App Attack
🇫🇷 masterguru	2026-01-18 15:09:00 (4 months ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-143)	Hacking

Showing 2986 to 3000 of 3127 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 89.21.67.136

🇱🇹 81.30.98.144

🇺🇸 71.6.233.183

🇮🇹 217.26.179.90

🇧🇪 198.235.24.249

🇬🇧 195.96.139.37

🇷🇺 185.16.214.226

🇳🇱 159.223.222.245

🇩🇪 149.88.24.144

🇨🇳 112.46.213.73

🇱🇹 81.30.98.49

🇨🇳 60.166.82.123

🇺🇸 15.181.145.26

🇬🇧 2.102.252.67

🇷🇴 2.57.122.177

🇰🇷 211.253.9.49

🇬🇧 195.140.214.28

🇺🇸 195.35.39.133

🇦🇺 193.116.214.128

🇲🇽 186.96.145.241