JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 93.137.18.143

93.137.18.143 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 35%: ?

35%

ISP	Hrvatski Telekom d.d.
Usage Type	Fixed Line ISP
ASN	AS5391
Hostname(s)	93-137-18-143.adsl.net.t-com.hr
Domain Name	ht.hr
Country	🇭🇷 Croatia
City	Varazdin, Varazdin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 93.137.18.143

Whois 93.137.18.143

IP Abuse Reports for 93.137.18.143:

This IP address has been reported a total of 11 times from 8 distinct sources. 93.137.18.143 was first reported on December 7th 2021, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-13 02:15:16 (2 weeks ago)		Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-12 19:26:18 (2 weeks ago)	(wordpress) Failed wordpress login from 93.137.18.143 (HR/Croatia/93-137-18-143.adsl.net.t-com.hr): ... show more (wordpress) Failed wordpress login from 93.137.18.143 (HR/Croatia/93-137-18-143.adsl.net.t-com.hr): (CF_ENABLE) show less	Brute-Force
🇫🇷 Yepngo	2026-06-12 18:31:21 (2 weeks ago)	93.137.18.143 - - [12/Jun/2026:20:31:10 +0200] "POST /xmlrpc.php HTTP/2.0" 200 410 "-" "Jetpack by W ... show more 93.137.18.143 - - [12/Jun/2026:20:31:10 +0200] "POST /xmlrpc.php HTTP/2.0" 200 410 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" 93.137.18.143 - - [12/Jun/2026:20:31:20 +0200] "POST /xmlrpc.php HTTP/2.0" 200 410 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 10:13:55 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 93.137.18.143 (93-137-18-143.adsl.net.t-com.hr) ... show more (mod_security) mod_security (id:240335) triggered by 93.137.18.143 (93-137-18-143.adsl.net.t-com.hr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:13:49.885304 2026] [security2:error] [pid 21081:tid 21081] [client 93.137.18.143:61454] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 93.137.18.143 (+1 hits since last alert)\|saadeh.ws\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "saadeh.ws"] [uri "/xmlrpc.php"] [unique_id "aivb3a537AiVLECi0p7aUgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-12 10:10:47 (2 weeks ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇸🇪 vaia.cloud	2026-06-12 09:57:10 (2 weeks ago)	trying wp-login.php/xmlrpc.php 31 times in 1 minutes	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 09:41:30 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 93.137.18.143 (93-137-18-143.adsl.net.t-com.hr) ... show more (mod_security) mod_security (id:240335) triggered by 93.137.18.143 (93-137-18-143.adsl.net.t-com.hr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 05:41:25.757233 2026] [security2:error] [pid 24212:tid 24212] [client 93.137.18.143:55989] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 93.137.18.143 (+1 hits since last alert)\|rblep.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rblep.com"] [uri "/xmlrpc.php"] [unique_id "aivURYCjP0Y4vBSo3kxeQQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 08:42:02 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 93.137.18.143 (93-137-18-143.adsl.net.t-com.hr) ... show more (mod_security) mod_security (id:240335) triggered by 93.137.18.143 (93-137-18-143.adsl.net.t-com.hr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 04:41:54.657580 2026] [security2:error] [pid 3203:tid 3203] [client 93.137.18.143:60101] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 93.137.18.143 (+1 hits since last alert)\|celebritybikinigossip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "celebritybikinigossip.com"] [uri "/xmlrpc.php"] [unique_id "aivGUt9x8Fk329I-O9vUlwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 07:38:56 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 93.137.18.143 (93-137-18-143.adsl.net.t-com.hr) ... show more (mod_security) mod_security (id:240335) triggered by 93.137.18.143 (93-137-18-143.adsl.net.t-com.hr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:38:50.586155 2026] [security2:error] [pid 20875:tid 20875] [client 93.137.18.143:51166] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 93.137.18.143 (+1 hits since last alert)\|thepercussionworks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thepercussionworks.com"] [uri "/xmlrpc.php"] [unique_id "aiu3ir4akGqDaL678gl3LAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 03:42:30 (2 weeks ago)	WordPress Brute Force	Brute-Force
🇩🇪 ManagedStack	2021-12-07 13:12:57 (4 years ago)	Unauthorized path/IP Access (full log not revealed as it contains sensitive data)	Hacking Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.252

🇧🇷 189.123.97.196

🇷🇺 176.77.9.196

🇨🇦 158.69.227.40

🇹🇷 94.55.212.60

🇩🇪 69.5.169.145

🇸🇬 43.156.91.175

🇫🇮 147.185.133.208

🇵🇱 95.214.53.216

🇫🇷 85.217.140.5

🇷🇴 80.94.92.120

🇺🇸 66.132.195.87

🇱🇹 62.60.130.219

🇺🇸 20.15.224.135

🇧🇪 198.235.24.222

🇫🇷 185.177.72.12

🇫🇮 89.167.59.89

🇺🇸 64.236.169.112

🇭🇰 47.239.115.127

🇺🇸 20.245.117.200