JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 190.103.220.155

190.103.220.155 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 13%: ?

13%

ISP	Coop. de Luz y Fuerza Eléct. Industria y Otros Serv. Públicos,Vivienda y Crédito de Punta Alta Ltda
Usage Type	Fixed Line ISP
ASN	AS264830
Hostname(s)	190-103-220-155.cepanet.com.ar
Domain Name	cepanet.com.ar
Country	🇦🇷 Argentina
City	Punta Alta, Buenos Aires

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 190.103.220.155

Whois 190.103.220.155

IP Abuse Reports for 190.103.220.155:

This IP address has been reported a total of 17 times from 12 distinct sources. 190.103.220.155 was first reported on August 21st 2021, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-25 13:43:44 (7 hours ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-28 11:22:39 (4 weeks ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
🇬🇧 PeravixGroup	2026-05-19 20:23:21 (1 month ago)	Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ... show more Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud show less	Hacking Exploited Host
Anonymous	2026-04-21 04:31:54 (2 months ago)	Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10. ... show more Automated bot traffic — residential proxy, fake browser fingerprint. UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇫🇷 geeek	2026-04-13 13:27:42 (2 months ago)	Port scanning: 445 TCP Blocked	Port Scan
🇺🇸 TPI-Abuse	2026-04-09 09:32:23 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 190.103.220.155 (190-103-220-155.cepanet.com.ar ... show more (mod_security) mod_security (id:210730) triggered by 190.103.220.155 (190-103-220-155.cepanet.com.ar): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 05:32:16.554820 2026] [security2:error] [pid 3543547:tid 3543598] [client 190.103.220.155:59982] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|digital4z.com\|F\|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "digital4z.com"] [uri "/wp-content/plugins/jetpack/modules/after-the-deadline/rtl/WS_FTP.LOG"] [unique_id "addyIMRjt1WgolY4lMpQegAAAMA"], referer: https://digital4z.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bsoft.de	2026-01-18 00:15:33 (5 months ago)	Blocked because of abusive behavior	DDoS Attack
🇨🇭 backslash	2026-01-11 16:35:07 (5 months ago)	block ruleset A5EE6C8F745F0934168261886A3817E5C386412A	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-26 20:23:56 (5 months ago)	(mod_security) mod_security (id:210350) triggered by 190.103.220.155 (190-103-220-155.cepanet.com.ar ... show more (mod_security) mod_security (id:210350) triggered by 190.103.220.155 (190-103-220-155.cepanet.com.ar): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 26 15:23:21.887173 2025] [security2:error] [pid 2994284:tid 2994393] [client 190.103.220.155:35652] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|autodiscover.acornway.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "autodiscover.acornway.com"] [uri "/"] [unique_id "aU7uuWl02va_Ve4SBkmrzAAAAwE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-24 19:12:56 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇮🇩 hermawan	2025-11-20 09:04:02 (7 months ago)	[Thu Nov 20 15:59:39.336896 2025] [security2:error] [pid 499070:tid 140414048773824] [client 190.103 ... show more [Thu Nov 20 15:59:39.336896 2025] [security2:error] [pid 499070:tid 140414048773824] [client 190.103.220.155:42058] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "WOW64" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.20.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "247"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: WOW64 found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36 request_line = GET /index.php/profil/meteorologi/list-all-categories/551-klimatologi/prakiraan-klimatologi/peringatan-dini/555559214-peringatan-dini-curah-hujan-tinggi-pemutakhiran-data-hingga-11-januari-2022-berlaku-dasarian-ii-tanggal-11-20-januari-2022 HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-all-categories/551-klimatologi/prakiraan-klimatologi/peringatan-dini/555559214- ... show less	Hacking Web App Attack
Anonymous	2025-11-18 14:49:46 (7 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-14 20:35:09 (7 months ago)	scanning http requests from known botnet	Web App Attack
🇩🇪 Ad0lar	2025-10-29 15:07:08 (7 months ago)	ports, 445/24H:1/7D:1	Port Scan
Anonymous	2023-08-19 06:08:19 (2 years ago)	michaelklotzbier.de 190.103.220.155 [16/Aug/2023:17:39:25 +0200] "POST /wp-login.php HTTP/1.1" 200 1 ... show more michaelklotzbier.de 190.103.220.155 [16/Aug/2023:17:39:25 +0200] "POST /wp-login.php HTTP/1.1" 200 10032 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" michaelklotzbier.de 190.103.220.155 [16/Aug/2023:17:39:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 760 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" show less	Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 163.5.171.30

🇺🇸 96.56.228.149

🇮🇹 2400:cb00:979:1000:b1a4:7977:95c6:d799

🇲🇩 212.0.217.14

🇵🇰 202.63.202.42

🇩🇪 164.92.250.106

🇸🇬 152.32.220.188

🇺🇸 152.32.182.41

🇺🇸 141.11.88.108

🇵🇰 72.255.3.135

🇭🇰 43.161.246.189

🇰🇷 211.106.133.202

🇸🇬 165.22.56.20

🇺🇸 130.131.195.139

🇷🇺 95.25.174.31

🇨🇦 65.111.21.52

🇩🇪 43.228.157.133

🇷🇴 80.94.95.211

🇺🇸 66.175.220.105

🇰🇷 59.16.192.32