JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 216.118.251.2

216.118.251.2 was found in our database!

This IP was reported 694 times. Confidence of Abuse is 49%: ?

49%

ISP	Netsec Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS45753
Domain Name	netsec.com
Country	🇭🇰 Hong Kong
City	Tung Chung, Islands

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 216.118.251.2

Whois 216.118.251.2

IP Abuse Reports for 216.118.251.2:

This IP address has been reported a total of 694 times from 167 distinct sources. 216.118.251.2 was first reported on November 21st 2020, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 WMK965	2026-05-24 22:55:56 (2 weeks ago)	216.118.251.2 - - [25/May/2026:02:49:29 +0800] "GET /admin-api/system/auth/get-permission-info HTTP/ ... show more 216.118.251.2 - - [25/May/2026:02:49:29 +0800] "GET /admin-api/system/auth/get-permission-info HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "-" 216.118.251.2 - - [25/May/2026:04:13:42 +0800] "GET /admin-api/system/auth/get-permission-info HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "-" 216.118.251.2 - - [25/May/2026:06:55:55 +0800] "GET /admin-api/system/auth/get-permission-info HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "-" show less	Port Scan Web App Attack
🇫🇷 IRISIO	2026-05-22 10:37:33 (2 weeks ago)	scans/SQL injection/spam posts : 52 queries	Web App Attack SQL Injection
🇺🇸 Epimetheus	2026-05-21 23:40:52 (2 weeks ago)	Unauthorized access attempts: [GET] /util/aes.js [GET] /util/aes.js UA: Mozilla/5.0 (Windows NT 10 ... show more Unauthorized access attempts: [GET] /util/aes.js [GET] /util/aes.js UA: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0 show less	Web App Attack
🇫🇮 geot	2026-05-20 16:01:52 (2 weeks ago)	GET /util/aes.js HTTP/1.1	Web App Attack
🇳🇱 JCB	2026-05-19 16:28:00 (3 weeks ago)	216.118.251.2 - - [19/May/2026:14:53:23 +0300] "GET /util/aes.js HTTP/1.1" 404 196 "-" "Mozilla/5.0 ... show more 216.118.251.2 - - [19/May/2026:14:53:23 +0300] "GET /util/aes.js HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-19 15:22:11 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 216.118.251.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 216.118.251.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 11:22:04.635640 2026] [security2:error] [pid 16796:tid 16796] [client 216.118.251.2:63482] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|gamepart.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gamepart.com"] [uri "/home/tancedi1/gamepart.com"] [unique_id "agyAHGvICk35ItJZ_uYHEwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 IRISIO	2026-05-19 07:15:48 (3 weeks ago)	scans/SQL injection/spam posts : 1 queries	Web App Attack SQL Injection
🇨🇦 1gz	2026-05-19 04:05:25 (3 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from HK. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from HK. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /util/aes.js UA: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-05-19 03:29:00 (3 weeks ago)	Multiple Violations by Bot	Port Scan Web App Attack
🇷🇸 Smel	2026-05-19 01:07:02 (3 weeks ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇬🇧 CrystalMaker	2026-05-18 19:09:12 (3 weeks ago)	Vulnerability scan - GET /util/aes.js; GET /util/aes.js; GET /util/aes.js; GET /util/aes.js; GET /ut ... show more Vulnerability scan - GET /util/aes.js; GET /util/aes.js; GET /util/aes.js; GET /util/aes.js; GET /util/aes.js show less	Hacking
🇺🇸 ipblock.com	2026-05-16 21:57:00 (3 weeks ago)	IPBlock protected site ID [669-fx]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇬🇧 CrystalMaker	2026-05-16 21:31:24 (3 weeks ago)	Vulnerability scan - GET /web/; GET /admin/login.html	Hacking
🇺🇸 ipblock.com	2026-05-16 18:41:00 (3 weeks ago)	IPBlock protected site ID [3390-wh]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-05-16 18:12:38 (3 weeks ago)	Web vulnerability probing: /web/	Web App Attack

Showing 1 to 15 of 694 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 191.102.162.248

🇺🇸 191.102.162.247

🇺🇸 191.102.162.46

🇺🇸 191.102.159.73

🇰🇷 175.200.217.128

🇺🇸 168.100.149.210

🇺🇸 158.222.115.194

🇩🇿 154.242.136.70

🇺🇸 149.88.30.87

🇨🇳 122.96.28.61

🇨🇦 85.217.149.43

🇯🇵 43.133.187.11

🇬🇧 37.156.65.183

🇰🇷 222.239.251.12

🇨🇦 207.6.108.232

🇺🇸 191.102.159.180

🇺🇸 191.102.159.155

🇺🇸 191.102.159.143

🇺🇸 191.102.159.56

🇧🇷 187.64.15.80