JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.16.88.111

213.16.88.111 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 51%: ?

51%

ISP	FCI - FirstCom Internet Kft.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS12301
Hostname(s)	vs11.abplusz.hu
Domain Name	one.hu
Country	🇭🇺 Hungary
City	Budapest, Budapest

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.16.88.111

Whois 213.16.88.111

IP Abuse Reports for 213.16.88.111:

This IP address has been reported a total of 29 times from 19 distinct sources. 213.16.88.111 was first reported on October 1st 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 08:52:43 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 04:52:37.519904 2026] [security2:error] [pid 11385:tid 11546] [client 213.16.88.111:46490] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|colegiopiramide.edu.gt.datascan-site.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "colegiopiramide.edu.gt.datascan-site.com"] [uri "/wp-json/wp/v2/users/9"] [unique_id "aj491Wf-KJ-D7ykFpne3EAAAAg0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 23:39:28 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 19:39:24.684415 2026] [security2:error] [pid 7292:tid 7292] [client 213.16.88.111:36862] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|eileensharaga.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eileensharaga.com"] [uri "/wp-json/wp/v2/users/6"] [unique_id "aj28LI7_g24luVDVMU5jWAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 20:45:13 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 16:45:07.785883 2026] [security2:error] [pid 12766:tid 12766] [client 213.16.88.111:49914] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|webuychesterfieldhouses.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "webuychesterfieldhouses.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj2TU6esJS2U63P-g7LXGQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇽 octageeks.com	2026-06-22 04:12:38 (6 days ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇨🇦 polycoda	2026-06-20 23:23:54 (1 week ago)	📄 Probes for wp-login.php and other inexistent URLs	Hacking Web App Attack
🇲🇹 Malta	2026-06-16 08:36:23 (1 week ago)	213.16.88.111 - - [16/Jun/2026:10:36:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 213.16.88.111 - - [16/Jun/2026:10:36:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇩🇪 Ba-Yu	2026-06-16 07:18:00 (1 week ago)	WordPress bruteforce	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 dtorrer	2026-06-16 06:07:50 (1 week ago)	Forged login request.	Brute-Force
🇫🇷 tecnicorioja	2026-06-15 22:00:55 (1 week ago)	wp-login attack [15/Jun/2026:16:23:20	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:46:20 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:46:13.132942 2026] [security2:error] [pid 13146:tid 13146] [client 213.16.88.111:45674] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|anchor07.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "anchor07.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajAsVf_zbsU17eu_9xeEqwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2026-06-13 01:42:52 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 00:43:25 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last ... show more (mod_security) mod_security (id:225170) triggered by 213.16.88.111 (vs11.abplusz.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 20:43:17.671608 2026] [security2:error] [pid 28772:tid 28772] [client 213.16.88.111:56020] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kairoslogammakmur.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kairoslogammakmur.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiynpdTL4Pjujsjm95vgPwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2026-05-11 08:36:44 (1 month ago)	213.16.88.111 - - [11/May/2026:10:36:44 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ... show more 213.16.88.111 - - [11/May/2026:10:36:44 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇩🇪 london2038.com	2026-05-10 23:32:34 (1 month ago)	Probing for exploits 213.16.88.111 - - [11/May/2026:01:32:29 +0200] "GET /wp-login.php HTTP/2.0" 301 ... show more Probing for exploits 213.16.88.111 - - [11/May/2026:01:32:29 +0200] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" 213.16.88.111 - - [11/May/2026:01:32:30 +0200] "POST /wp-login.php HTTP/2.0" 301 0 "https://v97746.<REDACTED>/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" show less	Hacking Web App Attack
🇨🇿 ptlab	2026-05-10 18:45:10 (1 month ago)	Detected wp_login attack from WP-host.	Hacking Web App Attack

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 107.175.94.125

🇲🇲 210.14.102.238

🇮🇩 208.76.40.121

🇹🇼 198.235.24.115

🇹🇼 198.235.24.49

🇵🇱 178.183.125.51

🇮🇳 103.68.52.210

🇮🇳 103.67.152.201

🇮🇩 103.67.80.61

🇬🇧 87.236.176.161

🇺🇸 69.164.219.93

🇺🇸 69.49.246.176

🇳🇱 45.153.34.114

🇳🇱 45.148.10.147

🇺🇸 34.26.147.69

🇸🇦 31.166.143.20

🇵🇭 27.110.166.67

🇺🇸 20.46.251.132

🇺🇸 20.42.92.153

🇨🇳 14.103.64.177