JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.188.113.109

193.188.113.109 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 42%: ?

42%

ISP	Bahrain Telecommunications Company
Usage Type	Fixed Line ISP
ASN	AS5416
Hostname(s)	dynamic.ip.193.188.113.109.batelco.com.bh
Domain Name	batelco.com
Country	🇧🇭 Bahrain
City	Manama, Manama

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.188.113.109

Whois 193.188.113.109

IP Abuse Reports for 193.188.113.109:

This IP address has been reported a total of 19 times from 12 distinct sources. 193.188.113.109 was first reported on July 6th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-26 22:29:04 (1 day ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 20:17:02 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.bat ... show more (mod_security) mod_security (id:240335) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 16:16:54.584325 2026] [security2:error] [pid 15528:tid 15552] [client 193.188.113.109:6220] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.188.113.109 (+1 hits since last alert)\|reghay.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "reghay.com"] [uri "/xmlrpc.php"] [unique_id "aj7eNlEOSDaZrUkxREhGeQAAAQ8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 18:46:03 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.bat ... show more (mod_security) mod_security (id:240335) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 14:45:57.130798 2026] [security2:error] [pid 11431:tid 11431] [client 193.188.113.109:6614] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.188.113.109 (+1 hits since last alert)\|rockinr.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rockinr.org"] [uri "/xmlrpc.php"] [unique_id "aj7I5WB6Oepevc22oeP6EwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 16:53:38 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.bat ... show more (mod_security) mod_security (id:240335) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 12:53:31.154919 2026] [security2:error] [pid 18851:tid 18851] [client 193.188.113.109:6119] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.188.113.109 (+1 hits since last alert)\|495metro.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "495metro.com"] [uri "/xmlrpc.php"] [unique_id "aj6ui35lw25XYDRMR2VnBAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-26 16:50:56 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 konseptit	2026-06-26 15:59:44 (1 day ago)	(wordpress) Failed wordpress login from 193.188.113.109 (BH/Bahrain/dynamic.ip.193.188.113.109.batel ... show more (wordpress) Failed wordpress login from 193.188.113.109 (BH/Bahrain/dynamic.ip.193.188.113.109.batelco.com.bh) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-26 14:53:08 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.bat ... show more (mod_security) mod_security (id:240335) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 10:53:01.801557 2026] [security2:error] [pid 2744:tid 2744] [client 193.188.113.109:6636] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.188.113.109 (+1 hits since last alert)\|newcitypark.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newcitypark.com"] [uri "/xmlrpc.php"] [unique_id "aj6STUB_HOscmPAP85yuhwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-26 13:26:15 (1 day ago)	[ns31.kdns.gr] httpd-xmlrpc-post: sites=teory.gr; logs=/var/log/httpd/domains/teory.gr.log; samples= ... show more [ns31.kdns.gr] httpd-xmlrpc-post: sites=teory.gr; logs=/var/log/httpd/domains/teory.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇪🇸 masterguru	2026-06-26 10:45:41 (1 day ago)	(xmlrpc) Failed xmlrpc access from 193.188.113.109 (BH/Bahrain/dynamic.ip.193.188.113.109.batelco.co ... show more (xmlrpc) Failed xmlrpc access from 193.188.113.109 (BH/Bahrain/dynamic.ip.193.188.113.109.batelco.com.bh): 5 in the last 3600 secs (0-122) show less	Hacking
🇺🇸 TPI-Abuse	2026-05-14 15:30:59 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.bat ... show more (mod_security) mod_security (id:210730) triggered by 193.188.113.109 (dynamic.ip.193.188.113.109.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 11:30:54.755865 2026] [security2:error] [pid 13353:tid 13353] [client 193.188.113.109:40302] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|phantomquailkennel.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "phantomquailkennel.com"] [uri "/paypal.com"] [unique_id "agXqrte4l-gHh_t7aC9gFwAAABE"], referer: https://phantomquailkennel.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-03-06 14:47:04 (3 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 gui-ying233	2026-02-12 00:01:07 (4 months ago)	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Sa ... show more Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇩🇪 SMARTNET	2025-11-26 02:37:10 (7 months ago)	Aisuru(Mirai variant) DDoS	DDoS Attack
Anonymous	2025-11-25 23:01:05 (7 months ago)	scanning http requests from known botnet	Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.178.118.83

🇨🇳 106.116.139.12

🇿🇦 102.64.42.16

🇺🇸 44.168.70.113

🇧🇪 34.78.163.38

🇨🇳 219.146.228.74

🇹🇼 198.235.24.77

🇺🇸 185.191.171.4

🇨🇳 123.160.221.136

🇩🇪 87.106.14.177

🇨🇳 47.93.233.71

🇺🇸 44.66.72.65

🇻🇳 27.79.43.34

🇺🇸 198.57.219.18

🇬🇧 193.163.125.161

🇮🇹 172.213.152.46

🇺🇸 162.216.149.164

🇨🇳 111.26.106.119

🇵🇰 103.72.1.55

🇱🇹 62.60.130.129