JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.168.152.189

193.168.152.189 was found in our database!

This IP was reported 109 times. Confidence of Abuse is 89%: ?

89%

ISP	CEREN NET BILISIM TELEKOMUNIKASYON HABERLESME TIC.LTD.STI.
Usage Type	Fixed Line ISP
ASN	AS209714
Domain Name	cerennet.com.tr
Country	🇹🇷 Turkey
City	Bozburun, Denizli

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.168.152.189

Whois 193.168.152.189

IP Abuse Reports for 193.168.152.189:

This IP address has been reported a total of 109 times from 35 distinct sources. 193.168.152.189 was first reported on March 24th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 debestelapp	2026-06-24 14:10:04 (1 day ago)		Web App Attack
Anonymous	2026-06-24 08:13:49 (1 day ago)	(wordpress) Failed wordpress login from 193.168.152.189 (TR/Türkiye/-)	Brute-Force
🇺🇸 integrantservices.com	2026-06-24 06:39:59 (1 day ago)	(wordpress) Failed wordpress login from 193.168.152.189 (TR/Türkiye/-)	Brute-Force
🇫🇷 Kenshin869	2026-06-22 06:11:15 (3 days ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-06-20 08:31:21 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 193.168.152.189 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 193.168.152.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:31:13.933585 2026] [security2:error] [pid 20868:tid 20868] [client 193.168.152.189:57243] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.168.152.189 (+1 hits since last alert)\|apuntesdeinversion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apuntesdeinversion.com"] [uri "/xmlrpc.php"] [unique_id "ajZP0ffXIdeFRXjZW-BPbgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-20 07:29:41 (5 days ago)	(wordpress) Failed wordpress login from 193.168.152.189 (TR/Türkiye/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-18 13:32:58 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 193.168.152.189 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 193.168.152.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 09:32:52.418686 2026] [security2:error] [pid 24270:tid 24270] [client 193.168.152.189:61087] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.168.152.189 (+1 hits since last alert)\|cemesur-vision21.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cemesur-vision21.com"] [uri "/xmlrpc.php"] [unique_id "ajPzhBDi2W5uxilhQ_M7_AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-17 08:51:16 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 Séfora Srl	2026-06-15 14:03:29 (1 week ago)	Failed attempt detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 13:35:17 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 193.168.152.189 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 193.168.152.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 09:35:14.275467 2026] [security2:error] [pid 23550:tid 23550] [client 193.168.152.189:53256] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.168.152.189 (+1 hits since last alert)\|nuewines.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nuewines.com"] [uri "/xmlrpc.php"] [unique_id "ai__khT3a_Nhbn_jotUNdAAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-15 13:03:47 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇧🇪 cmbplf	2026-06-15 08:01:40 (1 week ago)	2.057 requests from abuseipdb.com blacklisted IP (11mos2w4d)	Brute-Force Bad Web Bot
🇫🇷 masterguru	2026-06-15 06:19:50 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇳🇱 Site.eu	2026-06-13 10:37:19 (1 week ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-12 13:49:37 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 193.168.152.189 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 193.168.152.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 09:49:30.284686 2026] [security2:error] [pid 22364:tid 22364] [client 193.168.152.189:58554] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.168.152.189 (+1 hits since last alert)\|36sovereignchambers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "36sovereignchambers.com"] [uri "/xmlrpc.php"] [unique_id "aiwOatGd89k5zcm70f1iVgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 109 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.132.129

🇩🇪 170.168.131.212

🇺🇸 156.227.242.173

🇱🇹 62.60.130.129

🇨🇦 44.135.2.35

🇨🇭 34.65.89.216

🇳🇱 20.31.135.232

🇻🇳 171.225.223.29

🇷🇺 95.215.0.144

🇺🇸 44.51.89.240

🇨🇳 180.76.103.111

🇵🇰 153.117.13.213

🇨🇳 119.96.193.72

🇮🇩 103.78.104.159

🇺🇸 44.100.179.76

🇲🇽 187.190.35.163

🇺🇸 162.216.149.34

🇮🇳 139.59.18.80

🇮🇩 103.227.144.186

🇺🇸 100.25.120.246