JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.239.44.85

193.239.44.85 was found in our database!

This IP was reported 213 times. Confidence of Abuse is 0%: ?

ISP	Domena.pl sp. z o.o.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60713
Hostname(s)	grid17.agnat.pl
Domain Name	domena.pl
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.239.44.85

Whois 193.239.44.85

IP Abuse Reports for 193.239.44.85:

This IP address has been reported a total of 213 times from 77 distinct sources. 193.239.44.85 was first reported on January 10th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2025-12-28 20:10:42 (5 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 TPI-Abuse	2025-12-28 02:22:56 (5 months ago)	(mod_security) mod_security (id:240335) triggered by 193.239.44.85 (grid17.agnat.pl): 1 in the last ... show more (mod_security) mod_security (id:240335) triggered by 193.239.44.85 (grid17.agnat.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 21:22:53.188404 2025] [security2:error] [pid 21603:tid 21603] [client 193.239.44.85:37966] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.239.44.85 (+1 hits since last alert)\|artspacecleveland.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artspacecleveland.org"] [uri "/xmlrpc.php"] [unique_id "aVCUfTBACL9ygXbZLeNDEQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dbmwebdesign	2025-12-28 02:20:25 (5 months ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇬🇧 [email protected]	2025-12-28 00:49:35 (5 months ago)	...	Brute-Force SSH
🇺🇸 [email protected]	2025-12-28 00:18:49 (5 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2025-12-28T00:18:49Z	Brute-Force
🇳🇱 Site.eu	2025-12-28 00:08:14 (5 months ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 [email protected]	2025-12-28 00:00:30 (5 months ago)	Fail2Ban jail apache-json-scanners detected activity on 2025-12-28T00:00:30Z	Brute-Force
🇺🇸 WeekendWeb	2025-12-27 23:42:26 (5 months ago)	Wordpress Vunerability attack	Web App Attack
🇳🇱 maxxsense	2025-12-27 23:41:13 (5 months ago)	(wordpress) Failed wordpress login from 193.239.44.85 (PL/Poland/grid17.agnat.pl)	Brute-Force
🇺🇸 TPI-Abuse	2025-12-27 23:12:36 (5 months ago)	(mod_security) mod_security (id:240335) triggered by 193.239.44.85 (grid17.agnat.pl): 1 in the last ... show more (mod_security) mod_security (id:240335) triggered by 193.239.44.85 (grid17.agnat.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 18:12:31.343605 2025] [security2:error] [pid 31887:tid 31887] [client 193.239.44.85:35024] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.239.44.85 (+1 hits since last alert)\|majikdecor.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "majikdecor.com"] [uri "/xmlrpc.php"] [unique_id "aVBn3zRo6Y8uhRF8rB4v3AAAACg"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2025-12-27 23:04:35 (5 months ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (1020-123)	Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 22:44:45 (5 months ago)	(mod_security) mod_security (id:240335) triggered by 193.239.44.85 (grid17.agnat.pl): 1 in the last ... show more (mod_security) mod_security (id:240335) triggered by 193.239.44.85 (grid17.agnat.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 17:44:38.526996 2025] [security2:error] [pid 3222:tid 3222] [client 193.239.44.85:41154] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.239.44.85 (+1 hits since last alert)\|telecompros.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "telecompros.net"] [uri "/xmlrpc.php"] [unique_id "aVBhVnEnYV6K4icW3IW64AAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇹 Malta	2025-12-27 22:14:47 (5 months ago)	193.239.44.85 - - [27/Dec/2025:23:14:47 +0100] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Linux; Andr ... show more 193.239.44.85 - - [27/Dec/2025:23:14:47 +0100] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Linux; Android 10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Mobile Safari/537.36" Brute-force password attempt show less	Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-27 21:56:18 (5 months ago)	(mod_security) mod_security (id:240335) triggered by 193.239.44.85 (grid17.agnat.pl): 1 in the last ... show more (mod_security) mod_security (id:240335) triggered by 193.239.44.85 (grid17.agnat.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:56:15.000500 2025] [security2:error] [pid 18972:tid 18972] [client 193.239.44.85:56382] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 193.239.44.85 (+1 hits since last alert)\|cycontechnology.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cycontechnology.com"] [uri "/xmlrpc.php"] [unique_id "aVBV_rQ9_HSEbddZAhv1WAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 masterguru	2025-12-27 21:27:14 (5 months ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (5000900-122)	Web App Attack

Showing 1 to 15 of 213 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.106

🇮🇩 103.165.206.238

🇧🇬 78.128.113.74

🇺🇸 52.88.207.227

🇧🇷 45.160.244.217

🇳🇱 45.148.10.157

🇬🇧 193.163.125.149

🇪🇸 188.26.211.126

🇺🇸 74.82.47.32

🇺🇸 64.62.156.152

🇺🇸 64.62.156.143

🇺🇸 52.40.87.102

🇺🇸 45.86.211.57

🇮🇩 34.34.223.108

🇰🇷 211.178.165.251

🇬🇧 193.163.125.223

🇺🇸 172.174.46.118

🇳🇱 91.92.40.200

🇧🇦 80.65.90.155

🇺🇸 20.65.194.48