JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.233.20.53

152.233.20.53 was found in our database!

This IP was reported 173 times. Confidence of Abuse is 49%: ?

49%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-152-233-20-53.datapacket.com
Domain Name	datacamp.co.uk
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.233.20.53

Whois 152.233.20.53

IP Abuse Reports for 152.233.20.53:

This IP address has been reported a total of 173 times from 76 distinct sources. 152.233.20.53 was first reported on October 7th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 maxxsense	2026-06-22 05:30:44 (3 hours ago)	152.233.20.53 (DE/Germany/unn-152-233-20-53.datapacket.com), 22 distributed imapd attacks on account ... show more 152.233.20.53 (DE/Germany/unn-152-233-20-53.datapacket.com), 22 distributed imapd attacks on account [redacted] show less	Brute-Force
🇱🇻 garmtech.com	2026-06-20 17:09:54 (1 day ago)	IM360 WAF: Unauthenticated editor-profile/file upload in Joomla Content Editor JCE before 2.9.99.5 ( ... show more IM360 WAF: Unauthenticated editor-profile/file upload in Joomla Content Editor JCE before 2.9.99.5 (CVE-2026-48907) MV:t_1781975394_54.php show less	Hacking
🇩🇪 FeG Deutschland	2026-06-01 04:13:23 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇩🇪 4server	2026-06-01 01:04:03 (3 weeks ago)	[MonJun0103:04:01.2946012026][security2:error][pid1977252:tid1977303][client152.233.20.53:0]ModSecur ... show more [MonJun0103:04:01.2946012026][security2:error][pid1977252:tid1977303][client152.233.20.53:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"[\\\\\\\\n\\\\\\\\r]\"atARGS_GET:messaggio.[file\"/etc/apache2/conf.d/modsec_rules/00_asl_zz_strict.conf\"][line\"143\"][id\"390722\"][rev\"5\"][msg\"Atomicorp.comWAFRules:HTTPHeaderInjectionAttackviapayload\(CR/LFdetected\)\"][data\"MatchedData:\\\\x0dfoundwithinARGS_GET:messaggio:Searchyourself\\\\xe2\\\\x80\\\\x93explorethelivedatabaseinstantly\\\\x0d\\\\x0a\\\\x0d\\\\x0aTrylivesearch\\\\xe2\\\\x86\\\\x92https://verifieddata.one\\\\x0d\\\\x0a\\\\xed\\\\xa0\\\\xbc\\\\xed\\\\xbc\\\\x8dglobaldiscovery\\\\xc2\\\\xb7nosign-uprequired\\\\x0d\\\\x0aVerifiedData.One\\\\xe2\\\\x80\\\\x93exploreglobalbusiness\ show less	Port Scan Brute-Force Web App Attack
🇦🇺 MAGIC	2026-06-01 00:01:53 (3 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇬🇧 oncord	2026-05-31 23:57:53 (3 weeks ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2026-05-29 19:21:01 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 152.233.20.53 (unn-152-233-20-53.datapacket.com ... show more (mod_security) mod_security (id:225170) triggered by 152.233.20.53 (unn-152-233-20-53.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 29 15:20:57.259135 2026] [security2:error] [pid 20974:tid 20974] [client 152.233.20.53:61443] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mail.barigby.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.barigby.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahnnGdJL_gDFXX-x5BWX5wAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-29 13:35:18 (3 weeks ago)	[osotir.org] httpd-xmlrpc-post: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonis ... show more [osotir.org] httpd-xmlrpc-post: sites=agonistes.gr.synathlountes; logs=/var/log/httpd/domains/agonistes.gr.synathlountes.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-05-16 09:00:26 (1 month ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇬🇧 noise.agency	2026-04-26 20:30:46 (1 month ago)	(wordpress) Failed wordpress login from 152.233.20.53 (DE/Germany/unn-152-233-20-53.datapacket.com)	Brute-Force
🇫🇷 Jean Valjean	2026-04-26 20:26:20 (1 month ago)	Fail2ban Caboom : wp-login.php Bruteforce	Brute-Force Web App Attack
Anonymous	2026-04-26 20:20:02 (1 month ago)	Web attack blocked by Wordfence on gedichtenlangsdegeul.nl (1 hit). Reported by CRMON.	Web App Attack
Anonymous	2026-04-26 19:12:54 (1 month ago)	[redacted] 152.233.20.53 - - [26/Apr/2026:21:12:47 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" " ... show more [redacted] 152.233.20.53 - - [26/Apr/2026:21:12:47 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" [redacted] 152.233.20.53 - - [26/Apr/2026:21:12:47 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" [redacted] 152.233.20.53 - - [26/Apr/2026:21:12:48 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" [redacted] 152.233.20.53 - - [26/Apr/2026:21:12:49 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" [redacted] 152.233.20.53 - - [26/Apr/2026:21:12:50 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" ... show less	Hacking Web App Attack
🇩🇪 big-cloud.nl	2026-04-26 19:11:46 (1 month ago)	Try to access /xmlrpc.php?rsd	Web App Attack
🇩🇪 FeG Deutschland	2026-04-26 17:50:34 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack

Showing 1 to 15 of 173 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 77.90.185.88

🇺🇸 64.62.156.132

🇬🇧 213.166.84.61

🇰🇷 211.223.107.86

🇬🇧 195.206.182.206

🇺🇸 156.229.21.54

🇮🇹 45.143.182.238

🇺🇸 20.65.194.117

🇺🇸 5.161.215.137

🇺🇸 198.74.59.236

🇺🇸 195.184.76.86

🇺🇸 174.136.148.94

🇦🇺 139.99.216.24

🇮🇳 122.166.49.42

🇻🇳 115.73.213.75

🇨🇦 85.217.149.24

🇱🇹 77.90.185.78

🇺🇸 66.132.186.229

🇭🇰 45.114.125.24

🇺🇸 35.231.132.236