JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 188.69.201.238

188.69.201.238 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 48%: ?

48%

ISP	Telia Lietuva, AB
Usage Type	Fixed Line ISP
ASN	AS8764
Hostname(s)	md-188-69-201-238.omni.lt
Domain Name	telia.lt
Country	🇱🇹 Lithuania
City	Klaipeda, Klaipeda County

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 188.69.201.238

Whois 188.69.201.238

IP Abuse Reports for 188.69.201.238:

This IP address has been reported a total of 11 times from 8 distinct sources. 188.69.201.238 was first reported on June 7th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-10 17:31:45 (5 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-10 10:51:17 (5 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 09:35:42 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 188.69.201.238 (md-188-69-201-238.omni.lt): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 188.69.201.238 (md-188-69-201-238.omni.lt): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 05:35:34.710594 2026] [security2:error] [pid 1043:tid 1043] [client 188.69.201.238:56966] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 188.69.201.238 (+1 hits since last alert)\|bonesband.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bonesband.com"] [uri "/xmlrpc.php"] [unique_id "aikv5oQh_25QQnQmaYgmsQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 15:48:49 (6 days ago)	(wordpress) Failed wordpress login from 188.69.201.238 (LT/Lithuania/md-188-69-201-238.omni.lt)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 15:21:56 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 188.69.201.238 (md-188-69-201-238.omni.lt): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 188.69.201.238 (md-188-69-201-238.omni.lt): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:21:51.740058 2026] [security2:error] [pid 21257:tid 21257] [client 188.69.201.238:50151] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 188.69.201.238 (+1 hits since last alert)\|fractalsky.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fractalsky.com"] [uri "/xmlrpc.php"] [unique_id "aigvj99_u63GyGjW2mPXiwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 15:24:24 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 188.69.201.238 (md-188-69-201-238.omni.lt): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 188.69.201.238 (md-188-69-201-238.omni.lt): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 11:24:20.720879 2026] [security2:error] [pid 32105:tid 32105] [client 188.69.201.238:55154] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 188.69.201.238 (+1 hits since last alert)\|walkercline.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "walkercline.com"] [uri "/xmlrpc.php"] [unique_id "aibepE8pAZaN_nGp_isPLgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ipoac.nl	2026-06-08 14:52:00 (1 week ago)	2026-06-08T16:51:59.064387+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication attempt for unknown ... show more 2026-06-08T16:51:59.064387+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication attempt for unknown user bahena from 188.69.201.238 show less	Web App Attack
🇫🇷 masterguru	2026-06-08 05:31:34 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
Anonymous	2026-06-07 16:38:34 (1 week ago)	[ssd5.kdns.gr] httpd-xmlrpc-post: sites=popikouloufakou.com; logs=/var/log/httpd/domains/popikoulouf ... show more [ssd5.kdns.gr] httpd-xmlrpc-post: sites=popikouloufakou.com; logs=/var/log/httpd/domains/popikouloufakou.com.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
Anonymous	2026-06-07 09:17:14 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-07 05:44:07 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 188.69.201.238 (md-188-69-201-238.omni.lt): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 188.69.201.238 (md-188-69-201-238.omni.lt): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 01:44:03.918873 2026] [security2:error] [pid 955:tid 955] [client 188.69.201.238:63455] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 188.69.201.238 (+1 hits since last alert)\|takemehomedogrescue.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "takemehomedogrescue.org"] [uri "/xmlrpc.php"] [unique_id "aiUFI_RuH5BKgH0AzUnxHgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.114

🇺🇸 173.201.37.181

🇸🇬 167.172.79.176

🇮🇩 163.227.52.50

🇫🇮 147.185.133.126

🇺🇸 147.185.132.103

🇲🇾 121.123.141.251

🇮🇩 110.232.78.195

🇱🇹 91.224.92.17

🇺🇸 64.62.197.205

🇸🇬 47.84.204.29

🇳🇱 46.151.178.13

🇸🇪 31.59.160.12

🇧🇬 5.188.206.66

🇬🇪 2.57.217.229

🇨🇳 182.90.248.108

🇧🇷 177.6.115.2

🇳🇱 176.65.139.218

🇵🇰 154.57.216.142

🇺🇸 151.245.233.183