JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.38.152.33

89.38.152.33 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 50%: ?

50%

ISP	Jordanian Experts for Information Security LLC
Usage Type	Fixed Line ISP
ASN	AS208148
Domain Name	jorsit.com
Country	🇯🇴 Jordan
City	Amman, Amman

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.38.152.33

Whois 89.38.152.33

IP Abuse Reports for 89.38.152.33:

This IP address has been reported a total of 18 times from 8 distinct sources. 89.38.152.33 was first reported on June 7th 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 11:40:42 (14 hours ago)	(mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:40:35.915499 2026] [security2:error] [pid 762:tid 762] [client 89.38.152.33:50743] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 89.38.152.33 (+1 hits since last alert)\|riccardiagency.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "riccardiagency.com"] [uri "/xmlrpc.php"] [unique_id "ai_ks1aUy9zTwBGND0LrrgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 ConsulHosting	2026-06-15 06:56:09 (19 hours ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
Anonymous	2026-06-15 06:08:05 (20 hours ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇩🇪 konseptit	2026-06-14 06:20:09 (1 day ago)	(wordpress) Failed wordpress login from 89.38.152.33 (JO/Jordan/-)	Brute-Force
🇩🇪 konseptit	2026-06-11 13:27:54 (4 days ago)	(wordpress) Failed wordpress login from 89.38.152.33 (JO/Jordan/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 12:59:06 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:59:01.983446 2026] [security2:error] [pid 24718:tid 24718] [client 89.38.152.33:50473] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 89.38.152.33 (+1 hits since last alert)\|lenorasflowers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lenorasflowers.com"] [uri "/xmlrpc.php"] [unique_id "aiqxFd13Uzfdz9hIAVDJ4QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 11:30:40 (5 days ago)	Attac	Brute-Force
🇲🇾 Rizzy	2026-06-09 13:57:13 (6 days ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 07:35:10 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:35:04.588648 2026] [security2:error] [pid 28269:tid 28289] [client 89.38.152.33:58426] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 89.38.152.33 (+1 hits since last alert)\|mtiminis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mtiminis.com"] [uri "/xmlrpc.php"] [unique_id "aifCKHlNNpFq1rfX2FC8VwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-09 07:00:35 (6 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC RO/Romania/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 06:40:26 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:40:21.233190 2026] [security2:error] [pid 3082:tid 3082] [client 89.38.152.33:62255] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 89.38.152.33 (+1 hits since last alert)\|hollyndlaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hollyndlaw.com"] [uri "/xmlrpc.php"] [unique_id "aie1VfPnGPu3aU_zxh8u9AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 15:14:25 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 11:14:19.495317 2026] [security2:error] [pid 17129:tid 17129] [client 89.38.152.33:50231] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 89.38.152.33 (+1 hits since last alert)\|4115thewestford.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "4115thewestford.com"] [uri "/xmlrpc.php"] [unique_id "aibcS2DeZD9XYF0jhXAGagAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 14:11:31 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:11:23.825816 2026] [security2:error] [pid 7732:tid 7732] [client 89.38.152.33:51901] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 89.38.152.33 (+1 hits since last alert)\|hiidied.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hiidied.com"] [uri "/xmlrpc.php"] [unique_id "aibNiznu1h8SjZe9DdMyAQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 13:14:40 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-08 12:42:15 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 89.38.152.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:42:08.326118 2026] [security2:error] [pid 17610:tid 17610] [client 89.38.152.33:59414] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 89.38.152.33 (+1 hits since last alert)\|pinebrookdesign.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pinebrookdesign.com"] [uri "/xmlrpc.php"] [unique_id "aia4oJwUoxqqrT7NEM1XKwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 121.200.216.55

🇺🇸 108.48.144.166

🇧🇬 79.124.62.126

🇮🇪 54.171.108.240

🇧🇷 45.226.127.223

🇰🇷 221.162.3.119

🇵🇱 194.165.16.161

🇧🇷 191.6.16.78

🇻🇳 160.187.240.90

🇭🇰 152.32.171.213

🇫🇮 147.185.133.113

🇮🇳 103.216.145.2

🇮🇹 93.145.152.138

🇲🇩 91.208.197.64

🇺🇸 65.49.1.185

🇨🇳 60.166.82.252

🇮🇪 34.242.101.9

🇻🇳 14.171.227.126

🇨🇳 14.144.163.237

🇬🇧 216.213.158.112