JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.202.213.58

116.202.213.58 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 100%: ?

100%

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	s7.itserver.biz
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Falkenstein, Saxony

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.202.213.58

Whois 116.202.213.58

IP Abuse Reports for 116.202.213.58:

This IP address has been reported a total of 135 times from 71 distinct sources. 116.202.213.58 was first reported on March 27th 2025, and the most recent report was 10 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 screwlooseit.com.au	2026-06-17 20:16:36 (10 minutes ago)	Blocked by CSF 13 firewall - Rule: WPLOGIN DE/Germany/s7.itserver.biz	Web App Attack
🇬🇧 consul.to	2026-06-17 20:09:27 (18 minutes ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 Victor López	2026-06-17 20:04:05 (23 minutes ago)	ads.buscaempresas.co 116.202.213.58 - - [17/Jun/2026:15:03:56 -0500] "GET /wp-login.php HTTP/2.0" 20 ... show more ads.buscaempresas.co 116.202.213.58 - - [17/Jun/2026:15:03:56 -0500] "GET /wp-login.php HTTP/2.0" 200 1864 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" advisainternational.com 116.202.213.58 - - [17/Jun/2026:15:04:02 -0500] "GET /wp-login.php HTTP/2.0" 200 1864 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" advisainternational.com 116.202.213.58 - - [17/Jun/2026:15:04:04 -0500] "POST /wp-login.php HTTP/2.0" 200 1993 "https://advisainternational.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 19:44:56 (42 minutes ago)	(mod_security) mod_security (id:225170) triggered by 116.202.213.58 (s7.itserver.biz): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 116.202.213.58 (s7.itserver.biz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 15:44:52.923355 2026] [security2:error] [pid 29948:tid 29948] [client 116.202.213.58:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|forsaleincr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "forsaleincr.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajL5NGzENxhubJKcZ_wOigAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-17 10:02:35 (10 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 expandmade.com	2026-06-17 08:07:09 (12 hours ago)	unauthorized rest api call [17/Jun/2026:08:07:09 "GET /wp-json/wp/v2/users/me"]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 08:00:48 (12 hours ago)	(mod_security) mod_security (id:225170) triggered by 116.202.213.58 (s7.itserver.biz): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 116.202.213.58 (s7.itserver.biz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 04:00:41.056342 2026] [security2:error] [pid 27090:tid 27090] [client 116.202.213.58:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mail.pixacast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.pixacast.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajJUKfYzfLbpoFrs7pBkBAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 KIsmay	2026-06-17 07:50:01 (12 hours ago)	Jun 16 23:41:40 www4 WPAudit[2213919]: 116.202.213.58 cottonwoodc.ca "Mozilla/5.0 (Windows NT 10.0; ... show more Jun 16 23:41:40 www4 WPAudit[2213919]: 116.202.213.58 cottonwoodc.ca "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" cottonwoodcreek-admin:cottonwoodcreek-admin1919 FAIL Jun 17 00:25:48 www4 WPAudit[2216549]: 116.202.213.58 servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" pathwise:pathwise55555 FAIL Jun 17 00:26:14 www4 WPAudit[2217285]: 116.202.213.58 www.imaginesalmon.com "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" imagine:imagine85 FAIL Jun 17 02:41:07 www4 WPAudit[2228164]: 116.202.213.58 www.bestnelson.org "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" bestnelson-admin:bestnelsonadmin88 FAIL Jun 17 03:50:00 www4 WPAudit[2238276]: 116.202.213.58 www.bestnelson.org "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0. ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 07:41:26 (12 hours ago)	(mod_security) mod_security (id:225170) triggered by 116.202.213.58 (s7.itserver.biz): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 116.202.213.58 (s7.itserver.biz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 03:41:22.913293 2026] [security2:error] [pid 6217:tid 6217] [client 116.202.213.58:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mail.southernbroadcast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.southernbroadcast.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajJPogG-zPeAffg9EJ9yeAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-17 06:53:31 (13 hours ago)	(wordpress) Apache: Failed WordPress login from 116.202.213.58 (DE/Germany/s7.itserver.biz): 10 in t ... show more (wordpress) Apache: Failed WordPress login from 116.202.213.58 (DE/Germany/s7.itserver.biz): 10 in the last 3600 secs (0-197) show less	Hacking
🇫🇷 masterguru	2026-06-17 06:15:53 (14 hours ago)	(wordpress) Apache: Failed WordPress login from 116.202.213.58 (DE/Germany/s7.itserver.biz): 10 in t ... show more (wordpress) Apache: Failed WordPress login from 116.202.213.58 (DE/Germany/s7.itserver.biz): 10 in the last 3600 secs (0-193) show less	Hacking
Anonymous	2026-06-17 05:07:01 (15 hours ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇦🇺 QT	2026-06-17 04:45:54 (15 hours ago)	Unauthorised WordPress admin login attempted at 2026-06-17 14:45:45 +1000	Web App Attack
🇲🇽 octageeks.com	2026-06-17 04:09:51 (16 hours ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇩🇪 excill	2026-06-17 03:07:21 (17 hours ago)	Honeypot mesh observed 794 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 103.20.223.56

🇪🇸 86.127.229.136

🇸🇦 66.118.187.211

🇳🇱 45.148.10.151

🇺🇸 23.80.90.76

🇨🇳 220.178.57.22

🇳🇱 195.178.110.26

🇩🇪 164.92.161.148

🇯🇵 164.52.0.93

🇺🇸 150.107.38.75

🇰🇷 118.220.149.121

🇱🇹 91.224.92.17

🇺🇸 69.14.159.187

🇸🇦 51.36.227.146

🇺🇸 45.55.33.25

🇵🇪 38.255.109.57

🇧🇪 198.235.24.236

🇳🇱 188.213.92.180

🇮🇳 110.227.211.82

🇹🇷 94.123.203.51