JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 116.90.118.246

116.90.118.246 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 34%: ?

34%

ISP	Gerrys Information Technology (Pvt.) Ltd.
Usage Type	Fixed Line ISP
ASN	AS140607
Hostname(s)	116-90-118-246.signin.com.pk
Domain Name	gerrys.net
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 116.90.118.246

Whois 116.90.118.246

IP Abuse Reports for 116.90.118.246:

This IP address has been reported a total of 18 times from 15 distinct sources. 116.90.118.246 was first reported on March 27th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-13 07:31:53 (5 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇨🇭 backslash	2026-05-15 08:06:02 (1 month ago)	block ruleset WAF detection and high score on abuseIPDB 149EB1B42C242111FADBBC2EF8F90219570691E1	Bad Web Bot
🇺🇸 lostswordfish.com	2026-05-11 00:10:05 (1 month ago)	Wordfence waf block on flintlocal432	Web App Attack
🇫🇮 stinpriza	2026-05-10 09:23:54 (1 month ago)	Web App Attack	Web App Attack
🇩🇪 NihiliousMonk	2026-05-09 23:20:54 (1 month ago)	Fail2Ban report from jail npm-scanners	Bad Web Bot Web App Attack
🇯🇵 beon	2026-05-09 22:53:07 (1 month ago)	[DateTime=>2026-05-09T22:53:07Z (UTC)] , [HoneyPot_Hits=>twice] , [HoneyPots=>/xmlrpc.php] , [total_ ... show more [DateTime=>2026-05-09T22:53:07Z (UTC)] , [HoneyPot_Hits=>twice] , [HoneyPots=>/xmlrpc.php] , [total_Hits=>twice] , [Keyword=>WordPress] show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-07 23:10:26 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 116.90.118.246 (116-90-118-246.signin.com.pk): ... show more (mod_security) mod_security (id:225170) triggered by 116.90.118.246 (116-90-118-246.signin.com.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 19:10:21.500563 2026] [security2:error] [pid 8261:tid 8261] [client 116.90.118.246:53758] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|apuntesdeinversion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "apuntesdeinversion.com"] [uri "/wp-json/wp/v2/users"] [unique_id "af0b3fNnAtX0H3NUFEf4EQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-05-07 06:37:31 (1 month ago)	Web App Attack	Web App Attack
Anonymous	2026-05-05 01:01:57 (1 month ago)	Fail2ban filtered ...	Web App Attack
🇩🇪 LRob.fr	2026-05-04 19:45:12 (1 month ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-05-04 19:38:24 (1 month ago)	[redacted] 116.90.118.246 - - [04/May/2026:20:36:36 +0100] "POST /[redacted] HTTP/1.1" 405 4877 0/81 ... show more [redacted] 116.90.118.246 - - [04/May/2026:20:36:36 +0100] "POST /[redacted] HTTP/1.1" 405 4877 0/81687 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/78.0.0.0 Safari/537.36" [redacted] 116.90.118.246 - - [04/May/2026:20:38:23 +0100] "POST /[redacted] HTTP/1.1" 405 4877 0/62121 "-" "Mozilla/5.0 (Windows NT 6.2; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/82.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇺🇸 RH5	2026-05-04 18:42:24 (1 month ago)	Restricted URL probing (/xmlrpc.php) (UTC 2026-05-04 18:42)	Web App Attack
🇺🇸 nationaleventpros.com	2026-04-26 10:53:19 (1 month ago)	WordPress login attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-04-23 21:48:47 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 116.90.118.246 (116-90-118-246.signin.com.pk): ... show more (mod_security) mod_security (id:225170) triggered by 116.90.118.246 (116-90-118-246.signin.com.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 17:48:41.918440 2026] [security2:error] [pid 11964:tid 12026] [client 116.90.118.246:60384] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|conservativedemocrat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "conservativedemocrat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeqTuSyBP1xPz0Ows-8FlQAAAJY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-23 20:34:19 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 116.90.118.246 (116-90-118-246.signin.com.pk): ... show more (mod_security) mod_security (id:225170) triggered by 116.90.118.246 (116-90-118-246.signin.com.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 16:34:10.895546 2026] [security2:error] [pid 32371:tid 32371] [client 116.90.118.246:61606] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cajunpicasso.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cajunpicasso.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeqCQo8svrhzwagcwO1pMwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 190.244.39.224

🇨🇳 112.86.225.231

🇨🇳 112.86.225.108

🇳🇱 45.148.10.37

🇳🇱 176.65.139.216

🇺🇸 162.216.149.84

🇧🇷 153.67.110.81

🇺🇸 148.135.151.243

🇵🇰 119.155.254.35

🇺🇸 109.105.210.32

🇺🇸 66.132.195.60

🇮🇳 59.145.160.134

🇸🇬 2a09:bac5:55f9:18d2::279:52

🇻🇳 171.250.162.151

🇪🇬 156.212.134.182

🇧🇬 151.237.115.206

🇺🇸 148.72.159.0

🇺🇸 98.91.147.104

🇮🇶 65.20.129.112

🇸🇬 47.128.48.27