JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.202.130.55

116.202.130.55 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	portal.knowe.host
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Falkenstein, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.202.130.55

Whois 116.202.130.55

IP Abuse Reports for 116.202.130.55:

This IP address has been reported a total of 24 times from 11 distinct sources. 116.202.130.55 was first reported on June 29th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇹 Malta	2024-07-16 14:54:57 (1 year ago)	116.202.130.55 - - [16/Jul/2024:16:54:56 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 116.202.130.55 - - [16/Jul/2024:16:54:56 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇦🇹 neo72	2024-07-14 07:17:05 (1 year ago)	Spam	Email Spam
🇦🇺 MAGIC	2024-07-13 18:00:59 (1 year ago)	VM5 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2024-07-13 06:02:45 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2024-07-13 02:04:49 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 12 22:04:42.343913 2024] [security2:error] [pid 32216] [client 116.202.130.55:49287] [client 116.202.130.55] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.202.130.55 (+1 hits since last alert)\|dragonflytunes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dragonflytunes.com"] [uri "/xmlrpc.php"] [unique_id "ZpHguv5p09VB7EkTVuV7VgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RLDD	2024-07-13 00:48:13 (1 year ago)	WP probing for vulnerabilities -mob	Web App Attack
🇺🇸 TPI-Abuse	2024-07-12 12:16:48 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 12 08:16:42.390709 2024] [security2:error] [pid 483076] [client 116.202.130.55:33221] [client 116.202.130.55] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.202.130.55 (+1 hits since last alert)\|www.bethanyeyecenter.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.bethanyeyecenter.com"] [uri "/xmlrpc.php"] [unique_id "ZpEeqmRhWY6bLcfHU7S1CgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-12 07:00:50 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 12 03:00:43.275161 2024] [security2:error] [pid 9613] [client 116.202.130.55:47497] [client 116.202.130.55] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.202.130.55 (+1 hits since last alert)\|laecovillage.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "laecovillage.org"] [uri "/xmlrpc.php"] [unique_id "ZpDUm0rwrpRDVbKk5YfcTAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-07-11 02:26:33 (1 year ago)	Ports: 25,465,587; Direction: 0; Trigger: LF_DISTATTACK	Brute-Force SSH
🇲🇹 Malta	2024-07-11 00:29:08 (1 year ago)	116.202.130.55 - - [11/Jul/2024:02:29:08 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ... show more 116.202.130.55 - - [11/Jul/2024:02:29:08 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-07-10 23:16:21 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 19:16:16.018080 2024] [security2:error] [pid 18937] [client 116.202.130.55:37133] [client 116.202.130.55] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.202.130.55 (+1 hits since last alert)\|www.eta-mct.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.eta-mct.com"] [uri "/xmlrpc.php"] [unique_id "Zo8WQDNg5bi1z5qJru9_CgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-10 16:50:23 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 12:50:15.512576 2024] [security2:error] [pid 14805] [client 116.202.130.55:35059] [client 116.202.130.55] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.202.130.55 (+1 hits since last alert)\|www.lspfest.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.lspfest.com"] [uri "/xmlrpc.php"] [unique_id "Zo67x-sCqVwq1_6p1J62zAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-10 15:48:50 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 116.202.130.55 (portal.knowe.host): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 10 11:48:45.928254 2024] [security2:error] [pid 24496:tid 47906976753408] [client 116.202.130.55:42503] [client 116.202.130.55] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 116.202.130.55 (+1 hits since last alert)\|emehache.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "emehache.com"] [uri "/xmlrpc.php"] [unique_id "Zo6tXSVM6v7HulMwhXfcmwAAAMI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-07-10 08:53:32 (1 year ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, done, streams: 0/4/4/0/0 (open/re ... show more Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, done, streams: 0/4/4/0/0 (open/recv/resp/push/rst) show less	Hacking Web App Attack
Anonymous	2024-07-10 07:28:14 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.137

🇮🇳 116.73.240.74

🇮🇷 109.125.139.68

🇳🇱 45.153.34.114

🇺🇸 44.201.123.65

🇮🇳 43.230.201.87

🇸🇪 31.211.234.243

🇺🇸 4.246.204.51

🇸🇬 185.200.116.83

🇸🇪 176.10.204.72

🇸🇪 176.10.203.54

🇺🇸 138.186.136.16

🇷🇺 85.95.166.40

🇵🇱 83.20.108.121

🇺🇸 40.76.124.166

🇸🇦 34.166.5.230

🇨🇳 27.17.133.31

🇷🇴 2.57.121.25

🇨🇳 218.201.250.120

🇭🇰 218.190.8.165