JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.74.8.232

152.74.8.232 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 88%: ?

88%

ISP	Universidad de Concepcion
Usage Type	University/College/School
ASN	AS11340
Domain Name	udec.cl
Country	🇨🇱 Chile
City	Concepcion, Biobio

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.74.8.232

Whois 152.74.8.232

IP Abuse Reports for 152.74.8.232:

This IP address has been reported a total of 25 times from 16 distinct sources. 152.74.8.232 was first reported on June 18th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 YF	2026-06-27 13:00:28 (2 hours ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇺🇸 TPI-Abuse	2026-06-27 07:42:59 (7 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 03:42:51.452664 2026] [security2:error] [pid 566:tid 566] [client 152.74.8.232:62033] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|igolfallday.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "igolfallday.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj9--0vTdLLhAPwujTFdGgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-06-27 06:03:50 (9 hours ago)	(wordpress) Failed wordpress login from 152.74.8.232 (CL/Chile/Biobio/Concepción/-/[redacted]): (CF ... show more (wordpress) Failed wordpress login from 152.74.8.232 (CL/Chile/Biobio/Concepción/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-27 02:08:42 (12 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:08:37.660707 2026] [security2:error] [pid 17099:tid 17099] [client 152.74.8.232:55923] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cassialifesci.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cassialifesci.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj8wpWMjGkptpFVbyUUVdAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-26 10:37:52 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-26 04:19:23 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 00:19:16.330994 2026] [security2:error] [pid 25314:tid 25314] [client 152.74.8.232:64994] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|aemcmullin.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aemcmullin.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj39xJ35yFPzdCEVIQkAIQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 23:15:49 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 19:15:41.664559 2026] [security2:error] [pid 18647:tid 18715] [client 152.74.8.232:60169] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|teritemme.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "teritemme.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj22nTQ9iVkX4FaMAA79xgAAAdA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 jcbriar	2026-06-25 16:24:56 (1 day ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 13:22:40 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 09:22:34.945499 2026] [security2:error] [pid 28246:tid 28246] [client 152.74.8.232:64220] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|enjoymycondos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "enjoymycondos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj0rml4P-w8G-1T56XJ2_wAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 06:04:45 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 02:04:42.005696 2026] [security2:error] [pid 17775:tid 17775] [client 152.74.8.232:62156] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|shadowsofagiant.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "shadowsofagiant.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajzE-gc1-R0U18T66DOADQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 20:03:16 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 152.74.8.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 16:03:08.671946 2026] [security2:error] [pid 9672:tid 9672] [client 152.74.8.232:54940] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|graciousholding.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "graciousholding.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajw3_EOQXxmq8BwKFkOl7AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-24 06:47:59 (3 days ago)	[WedJun2408:47:56.2170452026][security2:error][pid3880605:tid3880699][client152.74.8.232:0]ModSecuri ... show more [WedJun2408:47:56.2170452026][security2:error][pid3880605:tid3880699][client152.74.8.232:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"dellafoglia.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajt9nBYL6DItR_l55946aAAAAIY\"] show less	Port Scan Brute-Force Web App Attack
🇨🇦 polycoda	2026-06-23 19:54:55 (3 days ago)	🔑 Wordpress login brute force attempt	Hacking Web App Attack
🇩🇪 LRob.fr	2026-06-23 19:15:13 (3 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇮🇹 Inartis	2026-06-23 13:21:24 (4 days ago)	152.74.8.232 - - [23/Jun/2026:15:21:23 +0200] "POST /xmlrpc.php HTTP/1.1" 403 5222 "-" "Mozilla/5.0 ... show more 152.74.8.232 - - [23/Jun/2026:15:21:23 +0200] "POST /xmlrpc.php HTTP/1.1" 403 5222 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/81.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 219.151.190.128

🇺🇸 209.141.33.207

🇺🇸 162.216.150.40

🇱🇻 81.30.98.49

🇧🇷 45.205.1.240

🇺🇸 24.5.244.85

🇨🇭 20.203.219.109

🇺🇸 3.220.232.68

🇫🇮 178.20.210.208

🇷🇺 94.19.188.233

🇺🇸 85.239.151.34

🇨🇳 59.172.84.243

🇨🇳 58.18.80.18

🇰🇷 43.201.113.97

🇺🇸 173.239.240.83

🇷🇴 141.98.83.240

🇨🇳 116.179.32.66

🇳🇱 91.92.42.147

🇱🇹 89.40.3.184

🇺🇸 72.234.16.75