JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 152.89.216.26

152.89.216.26 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 37%: ?

37%

ISP	LLC Smart Ape
Usage Type	Data Center/Web Hosting/Transit
ASN	AS56694
Hostname(s)	pve.ampir.ru
Domain Name	smartape.ru
Country	🇷🇺 Russian Federation
City	Moscow, Moscow

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 152.89.216.26

Whois 152.89.216.26

IP Abuse Reports for 152.89.216.26:

This IP address has been reported a total of 12 times from 6 distinct sources. 152.89.216.26 was first reported on May 15th 2026, and the most recent report was 25 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-14 19:01:35 (25 minutes ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 20:45:20 (22 hours ago)	(mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 ... show more (mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 16:45:15.492035 2026] [security2:error] [pid 20065:tid 20078] [client 152.89.216.26:34304] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gabegabel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gabegabel.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai3BW8sy6NxIKas_BSLt9QAAAQs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 19:34:03 (23 hours ago)	Bot / scanning and/or hacking attempts: GET /author/admin/ HTTP/1.1, POST /xmlrpc.php HTTP/1.1, GET ... show more Bot / scanning and/or hacking attempts: GET /author/admin/ HTTP/1.1, POST /xmlrpc.php HTTP/1.1, GET /?author=3 HTTP/1.1, GET /?author=1 HTTP/1.1, POST /wp-login.php HTTP/1.1, GET /?author=2 HTTP/1.1, GET /wp-json/wp/v2/users HTTP/1.1, GET / HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 15:44:00 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 ... show more (mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:43:54.028407 2026] [security2:error] [pid 17654:tid 17654] [client 152.89.216.26:54752] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.kathydumesnilart.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.kathydumesnilart.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai16ukqDZ4IIv5VShpeKowAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 12:00:12 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 ... show more (mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 08:00:08.699394 2026] [security2:error] [pid 24272:tid 24272] [client 152.89.216.26:60630] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.havenlaneministries.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.havenlaneministries.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai1GSDEW1jbKdWH4Ra6U6wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 11:03:51 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 ... show more (mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 07:03:46.006059 2026] [security2:error] [pid 18146:tid 18146] [client 152.89.216.26:36164] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.intrinsicdiscovery.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.intrinsicdiscovery.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai05Elf-ZEe9cPMcsUjNdQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:18:50 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 ... show more (mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:18:43.693145 2026] [security2:error] [pid 18349:tid 18349] [client 152.89.216.26:36812] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.calvarycavaliers.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.calvarycavaliers.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ai0SY8NZxW9CVolnVmNzNAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 00:27:01 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 ... show more (mod_security) mod_security (id:225170) triggered by 152.89.216.26 (pve.ampir.ru): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 20:26:56.980582 2026] [security2:error] [pid 6587:tid 6587] [client 152.89.216.26:48480] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.wholesalelivelobsters.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wholesalelivelobsters.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiyj0OlKcvzQ5jXde8uSPAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-05 20:45:06 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-05 20:15:09 (1 week ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇫🇷 SpaceHost-Server	2026-05-15 22:26:33 (4 weeks ago)		Brute-Force Web App Attack
🇩🇪 stinpriza	2026-05-15 03:45:00 (4 weeks ago)	WP Authentication attempt for unknown user	Brute-Force Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 61.37.150.6

🇨🇳 182.204.181.151

🇪🇨 181.39.158.27

🇩🇿 154.243.94.8

🇧🇩 103.183.62.0

🇹🇭 101.109.253.244

🇳🇱 91.92.241.196

🇬🇧 87.236.176.81

🇩🇪 64.89.163.28

🇬🇧 34.39.16.70

🇬🇧 195.96.139.201

🇻🇳 171.237.176.209

🇩🇪 167.172.108.197

🇺🇸 157.230.150.187

🇹🇭 110.238.115.146

🇩🇪 69.5.169.245

🇨🇳 42.194.181.182

🇬🇧 213.166.84.62

🇧🇪 198.235.24.217

🇯🇵 152.32.146.182