JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 88.218.47.225

88.218.47.225 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 21%: ?

21%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 88.218.47.225

Whois 88.218.47.225

IP Abuse Reports for 88.218.47.225:

This IP address has been reported a total of 20 times from 15 distinct sources. 88.218.47.225 was first reported on November 25th 2022, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-20 08:55:40 (5 days ago)	Brute force	Brute-Force
🇩🇪 UlrikeLG	2026-06-03 07:09:00 (3 weeks ago)	[wordpress] unauthorised access attempts via wp_login	Brute-Force Bad Web Bot Web App Attack
🇭🇺 zolav8	2026-05-14 05:48:35 (1 month ago)	SQL injection / web attack attempt	Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-05-13 21:00:19 (1 month ago)	(mod_security) mod_security (id:211030) triggered by 88.218.47.225 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211030) triggered by 88.218.47.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 13 17:00:12.350563 2026] [security2:error] [pid 30207:tid 30207] [client 88.218.47.225:35121] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at ARGS. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "17"] [id "211030"] [rev "3"] [msg "COMODO WAF: LDAP Injection Attack\|\|www.genesis-castle.com\|F\|2"] [data "Matched Data: (%'%~%'%\|%\|%( found within ARGS: 0"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.genesis-castle.com"] [uri "/gallery/index.php"] [unique_id "agTmXMbAXrtS1hzpFDs9pgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 F242	2026-05-04 13:53:18 (1 month ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇩🇪 kjaerulff	2026-03-11 14:26:23 (3 months ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇺🇸 TPI-Abuse	2026-03-07 11:16:14 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 88.218.47.225 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 88.218.47.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 07 06:16:07.364156 2026] [security2:error] [pid 6336:tid 6336] [client 88.218.47.225:43955] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gemexpressions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gemexpressions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aawI9-lJ9T4eeW-SIAnHHQAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mind5t0rm	2026-01-26 08:14:23 (4 months ago)	(WPLOGIN) WP Login Attack 88.218.47.225 (US/United States/-): 3 in the last 3600 secs; Ports: ; Dir ... show more (WPLOGIN) WP Login Attack 88.218.47.225 (US/United States/-): 3 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 88.218.47.225 - - [26/Jan/2026:15:14:15 +0700] "GET /wp-login.php HTTP/2.0" 200 2807 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 88.218.47.225 - - [26/Jan/2026:15:14:18 +0700] "GET /wp-login.php?wp_lang=en_US HTTP/2.0" 200 2807 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 88.218.47.225 - - [26/Jan/2026:15:14:22 +0700] "POST /wp-login.php?wp_lang=en_US HTTP/2.0" 302 0 "https://zerowaterthailand.com/wp-login.php?wp_lang=en_US" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" show less	Port Scan
🇫🇷 masterguru	2025-12-11 05:01:48 (6 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 88.218.47.225 (NL/The Netherlands/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 88.218.47.225 (NL/The Netherlands/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇩🇪 Packets-Decreaser.NET	2025-09-23 06:02:58 (9 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-03-10 00:50:49 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 88.218.47.225 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 88.218.47.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 09 20:50:44.365629 2025] [security2:error] [pid 22181:tid 22197] [client 88.218.47.225:14873] [client 88.218.47.225] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metrobaselexpoforum.org.metropolitanbasel.org"] [uri "/.env"] [unique_id "Z843ZHc4q1mpqoh8R4jgMAAAAE4"], referer: https://tasamm.com/about/mmm163.html show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-02-13 07:13:50 (1 year ago)	Form spam	Web Spam
🇦🇺 MAGIC	2025-02-11 07:04:48 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇧🇪 Max la Menace	2025-02-11 04:05:27 (1 year ago)	Wordpress attack (F)	Blog Spam Web App Attack
🇺🇸 oncord	2025-01-11 00:12:02 (1 year ago)	Form spam	Web Spam

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 92.126.223.175

🇮🇪 83.71.2.178

🇮🇩 49.0.24.107

🇺🇸 2400:cb00:185:1000:5b1a:7a4c:4f6c:2c1f

🇧🇷 207.248.19.20

🇧🇷 187.8.120.90

🇺🇸 128.203.202.233

🇩🇪 93.152.224.102

🇫🇷 85.217.140.18

🇩🇪 69.5.169.254

🇺🇸 65.49.1.197

🇸🇮 31.57.216.6

🇨🇳 14.103.83.66

🇺🇸 13.89.124.223

🇭🇰 199.45.154.189

🇳🇱 195.178.110.232

🇯🇵 157.7.200.152

🇮🇳 103.54.101.248

🇫🇷 54.37.229.90

🇬🇧 31.14.254.114