JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.244.152.189

185.244.152.189 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 29%: ?

29%

ISP	Kurdistan Net Company for Computer and Internet Ltd.
Usage Type	Fixed Line ISP
ASN	AS206206
Domain Name	knet-telecom.com
Country	🇮🇶 Iraq
City	Erbil, Erbil

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.244.152.189

Whois 185.244.152.189

IP Abuse Reports for 185.244.152.189:

This IP address has been reported a total of 35 times from 22 distinct sources. 185.244.152.189 was first reported on July 17th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇰🇷 zlhIcd	2026-06-21 04:08:57 (4 days ago)	185.244.152.189 - - [16/Jun/2026:06:17:46 +0900] "GET /pcwiki/index.php?days=30&from=20251130052130& ... show more 185.244.152.189 - - [16/Jun/2026:06:17:46 +0900] "GET /pcwiki/index.php?days=30&from=20251130052130&hideliu=1&limit=500&title=%ED%8A%B9%EC%88%98%EA%B8%B0%EB%8A%A5:%EB%A7%81%ED%81%AC%EC%B5%9C%EA%B7%BC%EB%B0%94%EB%80%9C HTTP/1.1" 404 460 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_2_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.6943.53 Safari/537.36" ... show less	Web Spam SQL Injection Bad Web Bot Web App Attack
🇸🇬 mypatricks	2026-06-10 11:13:25 (2 weeks ago)	185.244.152.189 \| Port: 9974 \| DNS: 185.244.152.189 2026-06-10T19:13:24+08:00 Asia/Baghdad \| IPs res ... show more 185.244.152.189 \| Port: 9974 \| DNS: 185.244.152.189 2026-06-10T19:13:24+08:00 Asia/Baghdad \| IPs res erved list \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 HTTP/1.1 443 GET \| URL: /ms?dcd9f8dae9fbcfc=708 \| Ref: https://xxxxxx \| Country: IQ/Iraq/+03:00 IP City: Baghdad Windows a097f2475f84acbd-BGW/Baghdad, Iraq 1 hits/0 secs Browser 1 show less	Brute-Force Web App Attack Blog Spam Web Spam Exploited Host
Anonymous	2026-06-06 01:00:47 (2 weeks ago)	Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signatur ... show more Botnet activity. Attribution: Angara Technologies Group / mikhail-smirnov-79830322 \| Attack Signature Blocked: /wishlist/index/add/product/9427/form_key/8D7OPnW5qJctUpS1/ \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Ge... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 gui-ying233	2026-05-28 02:06:12 (4 weeks ago)	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0. ... show more Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 show less	Bad Web Bot
🇦🇺 MAGIC	2026-05-28 00:17:40 (4 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇫🇷 Sklurk	2026-05-22 05:05:03 (1 month ago)	Web App Attack	Web App Attack
🇬🇧 www.elivecd.org	2026-04-22 16:39:18 (2 months ago)	185.244.152.189 - - [22/Apr/2026:17:33:13 +0100] "GET /newsletters/?reflect_421_month=7&reflect_421_ ... show more 185.244.152.189 - - [22/Apr/2026:17:33:13 +0100] "GET /newsletters/?reflect_421_month=7&reflect_421_year=2009&reflect_421_day=false&reflect_421_start=0&reflect_987_month=1&reflect_987_year=2008&reflect_987_day=false&reflect_987_start=0&start=48 HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" ... show less	DDoS Attack
🇮🇩 Burayot	2026-04-17 04:36:45 (2 months ago)	LF_MODSEC: (mod_security) mod_security (id:10000003) triggered by 185.244.152.189 (IQ/Iraq/-): 2 in ... show more LF_MODSEC: (mod_security) mod_security (id:10000003) triggered by 185.244.152.189 (IQ/Iraq/-): 2 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-03-28 02:39:37 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 185.244.152.189 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 185.244.152.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 22:39:31.772995 2026] [security2:error] [pid 21621:tid 21621] [client 185.244.152.189:59817] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|andreas-villa.com\|F\|2"] [data ".bat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "andreas-villa.com"] [uri "/concrete/bin/concrete.bat"] [unique_id "acc_Y-AMA8X7xwLzVazOtQAAAAU"], referer: https://andreas-villa.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Sklurk	2026-03-26 12:17:14 (2 months ago)	Web App Attack	Web App Attack
🇮🇩 hermawan	2026-03-23 01:00:15 (3 months ago)	1774227606.869814 Cu2NqU3c1U9IDN98Ej 185.244.152.189 7947 103.166.156.58 443 tcp - 3.048833 0 0 S0 F ... show more 1774227606.869814 Cu2NqU3c1U9IDN98Ej 185.244.152.189 7947 103.166.156.58 443 tcp - 3.048833 0 0 S0 F F 0 S 3 180 0 0 - 6 887113803949428_52 (empty) 65535_2-4-8-1-3_1452_6 (empty) 03/23/2026-08:00:06.869814 ... show less	Email Spam Hacking
🇺🇸 johnkarlhill	2026-03-14 10:03:02 (3 months ago)	WebKnight blocked malicious web request on johnkarlhill.com	Brute-Force SSH
🇺🇸 kosada.com	2026-03-12 13:27:24 (3 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot
🇺🇸 NXTwoThou	2026-03-12 05:50:33 (3 months ago)	/WebResource.axd%3Fd=qiXuFgIlCdZ0rLbU-l3-vSRz1LtNCRvDqgJkE8mOcnINBeuj6-kEf53F_mOAu-_d3Emt9h3Btd-rUL9 ... show more /WebResource.axd%3Fd=qiXuFgIlCdZ0rLbU-l3-vSRz1LtNCRvDqgJkE8mOcnINBeuj6-kEf53F_mOAu-_d3Emt9h3Btd-rUL9JTMiAjYEX-vo1%26t=638901356248157332 show less	Web App Attack
🇬🇧 masterguru	2026-03-10 10:28:23 (3 months ago)	Blocked scraper: Distributed DDoS IP.. String match "rating_filter=" at QUERY_STRING. (200100-185)	Hacking

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.24

🇷🇴 188.241.222.89

🇸🇬 167.99.72.73

🇺🇸 159.54.190.221

🇳🇱 104.23.172.17

🇮🇩 103.78.104.197

🇷🇺 95.25.46.60

🇨🇳 58.48.170.235

🇲🇽 45.238.190.201

🇺🇸 34.150.161.12

🇺🇸 18.209.34.225

🇺🇸 205.210.31.58

🇨🇳 203.34.49.242

🇬🇧 193.163.125.89

🇵🇹 176.223.43.245

🇸🇬 165.22.56.20

🇩🇴 148.255.82.226

🇰🇷 125.138.92.136

🇺🇸 73.95.163.198

🇳🇱 45.153.34.71