AbuseIPDB » 152.53.250.192

152.53.250.192 was found in our database!

This IP was reported 364 times. Confidence of Abuse is 100%: ?

100%

ISP	netcup GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS197540
Hostname(s)	v2202504264415333281.megasrv.de
Domain Name	netcup.de
Country	Germany
City	Stuttgart, Baden-Wurttemberg

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 152.53.250.192

Whois 152.53.250.192

IP Abuse Reports for 152.53.250.192:

This IP address has been reported a total of 364 times from 146 distinct sources. 152.53.250.192 was first reported on April 23rd 2025, and the most recent report was 56 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
ipblock.com	2025-05-14 13:20:00 (58 minutes ago)	IPBlock protected site ID [3390-wh]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
anon333	2025-05-13 22:33:51 (15 hours ago)	Hacker syslog review 1747175631	Hacking
findlab	2025-05-13 20:00:02 (18 hours ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
Rizzy	2025-05-13 10:45:15 (1 day ago)	Multiple WAF Violations	Brute-Force Web App Attack
clapper	2025-05-13 10:20:42 (1 day ago)	(mod_security) mod_security (id:980001) triggered by 152.53.250.192 (AT/Austria/v2202504264415333281 ... show more(mod_security) mod_security (id:980001) triggered by 152.53.250.192 (AT/Austria/v2202504264415333281.megasrv.de): 5 in the last 3600 secs; ID: Dan show less	Brute-Force Bad Web Bot
masterguru	2025-05-13 08:18:08 (1 day ago)	UA Mozlila denied. Pattern match "(?:mozlila)" at REQUEST_HEADERS:User-Agent. (1040-123)	Bad Web Bot
INTEQ	2025-05-13 06:19:17 (1 day ago)	Web attack from 152.53.250.192	Web App Attack
mawan	2025-05-13 04:57:46 (1 day ago)	Suspected of having performed illicit activity on AMS server.	Web App Attack
oh.mg	2025-05-13 03:45:05 (1 day ago)	[Tue May 13 05:45:04.686194 2025] [security2:error] [pid 2436441:tid 2436457] [client 152.53.250.192 ... show more[Tue May 13 05:45:04.686194 2025] [security2:error] [pid 2436441:tid 2436457] [client 152.53.250.192:58508] [client 152.53.250.192] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmn.cat"] [uri "/style.php"] [unique_id "aCLAQB3mfOx6S6vET3UqKAAAAAs"], referer: www.google.com ... show less	Bad Web Bot Web App Attack
MarkGGN	2025-05-13 03:26:18 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Bad Web Bot Web App Attack
anon333	2025-05-13 01:33:56 (1 day ago)	Hacker syslog review 1747100035	Hacking
updown.io	2025-05-13 01:05:56 (1 day ago)	{"level":"info","ts":1747095433.2972045,"logger":"http.log.access.log1","msg":"handled request","req ... show more{"level":"info","ts":1747095433.2972045,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"152.53.250.192","remote_port":"60461","client_ip":"152.53.250.192","proto":"HTTP/1.1","method":"GET","host":"status.emilwypych.com","uri":"/style.php","headers":{"Accept-Language":["en-US,en;q=0.9,fr;q=0.8"],"Upgrade-Insecure-Requests":["1"],"Connection":["keep-alive"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8"],"User-Agent":["Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"],"Cache-Control":["max-age=0"],"Referer":["www.google.com"],"Accept-Encoding":["gzip, deflate"]}},"bytes_read":0,"user_id":"","duration":0.000045657,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://status.emilwypych.com/style.php"],"Content-Type":[]}} {"level":"info","ts":1747095457.070358 ... show less	DDoS Attack Web App Attack
Thaliruth	2025-05-13 00:53:28 (1 day ago)	152.53.250.192 - - [13/May/2025:02:53:28 +0200] "GET /style.php HTTP/1.1" 301 162 "www.google.com" " ... show more152.53.250.192 - - [13/May/2025:02:53:28 +0200] "GET /style.php HTTP/1.1" 301 162 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" ... show less	Brute-Force Web App Attack
mawan	2025-05-13 00:31:17 (1 day ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
deskpass.com	2025-05-12 19:54:41 (1 day ago)	GET /style.php	Web App Attack

Showing 1 to 15 of 364 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

52.173.135.5

182.135.66.27

192.253.209.6

34.223.112.137

150.129.63.14

44.242.178.49

186.114.117.125

85.215.146.7

68.42.234.31

38.180.204.180

186.158.252.220

216.107.136.92

18.188.238.199

105.73.194.103

14.33.96.3

103.47.74.210

120.244.160.29

8.211.52.151

112.172.129.137

167.94.138.137