JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 190.143.252.11

190.143.252.11 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 4%: ?

ISP	Telefonia Celular de Nicaragua SA.
Usage Type	Fixed Line ISP
ASN	AS28036
Hostname(s)	host11-252-143-190tigobusiness.com.ni
Domain Name	movistar.com.ni
Country	🇳🇮 Nicaragua
City	Managua, Managua Department

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 190.143.252.11

Whois 190.143.252.11

IP Abuse Reports for 190.143.252.11:

This IP address has been reported a total of 24 times from 19 distinct sources. 190.143.252.11 was first reported on July 26th 2023, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mutebot.net	2026-06-04 14:55:13 (13 hours ago)	SRC=190.143.252.11, PROTO=TCP, SPT=6263, DPT=8080	Port Scan
Anonymous	2025-12-08 13:09:52 (5 months ago)	botnet	DDoS Attack
Anonymous	2025-11-22 16:13:58 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-11-14 22:30:19 (6 months ago)	scanning http requests from known botnet	Web App Attack
Anonymous	2025-09-05 00:37:00 (9 months ago)	amexを騙るメールｔ202508282151 https://kxfjlpfh.cn/	Phishing
🇺🇸 TPI-Abuse	2024-01-18 18:10:43 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 190.143.252.11 (host11-252-143-190tigobusiness. ... show more (mod_security) mod_security (id:225170) triggered by 190.143.252.11 (host11-252-143-190tigobusiness.com.ni): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 18 13:10:37.218580 2024] [security2:error] [pid 31286] [client 190.143.252.11:60425] [client 190.143.252.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.mounthoodhistory.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mounthoodhistory.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZalpnRlpUicsVYt99twYLgAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Ba-Yu	2024-01-17 16:22:21 (2 years ago)	WP-xmlrpc exploit	Web Spam Blog Spam Hacking Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2023-12-07 16:02:58 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 190.143.252.11 (host11-252-143-190tigobusiness. ... show more (mod_security) mod_security (id:225170) triggered by 190.143.252.11 (host11-252-143-190tigobusiness.com.ni): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 07 11:02:49.788706 2023] [security2:error] [pid 2578] [client 190.143.252.11:62840] [client 190.143.252.11] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.glendaleheritage.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.glendaleheritage.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZXHsqb0NyjT48km0vlezvwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2023-11-30 05:47:05 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2023-11-30 05:47:05 (2 years ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇺🇦 URAN Publishing Service	2023-11-10 14:18:53 (2 years ago)	190.143.252.11 - - [10/Nov/2023:16:18:51 +0200] "GET /wp-login.php HTTP/1.1" 404 4778 "-" "Mozilla/5 ... show more 190.143.252.11 - - [10/Nov/2023:16:18:51 +0200] "GET /wp-login.php HTTP/1.1" 404 4778 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" 190.143.252.11 - - [10/Nov/2023:16:18:52 +0200] "GET /xmlrpc.php HTTP/1.1" 404 366 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" ... show less	Web App Attack
🇦🇺 MAGIC	2023-11-09 23:15:08 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇩🇪 ps-center	2023-10-31 23:40:13 (2 years ago)	SS5: Web Attack GET /wp-login.php	Web Spam Hacking Bad Web Bot Web App Attack
🇬🇧 David Gebler	2023-10-14 16:40:37 (2 years ago)	190.143.252.11 - - [14/Oct/2023:16:40:36 +0000] "GET /wp-login.php HTTP/1.1" 403 401582 "-" "Mozilla ... show more 190.143.252.11 - - [14/Oct/2023:16:40:36 +0000] "GET /wp-login.php HTTP/1.1" 403 401582 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko" show less	Brute-Force Web App Attack
🇦🇺 weblite	2023-10-12 20:58:42 (2 years ago)	WP_LOGIN_FAIL WP_XMLRPC_ABUSE	Brute-Force Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:f806:9::

🇪🇹 196.188.116.56

🇧🇷 185.194.204.183

🇺🇸 173.255.223.32

🇺🇸 172.253.251.153

🇺🇸 91.230.168.32

🇵🇱 87.251.64.176

🇨🇳 220.250.52.101

🇨🇳 203.6.235.51

🇺🇸 195.184.76.231

🇧🇷 186.233.118.22

🇵🇪 161.132.50.236

🇺🇸 147.185.132.178

🇨🇦 85.217.149.15

🇺🇸 66.180.194.227

🇸🇬 47.79.51.96

🇧🇪 34.53.183.125

🇸🇬 8.219.180.8

🇱🇰 220.247.224.226

🇮🇩 182.23.57.242