JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 190.97.245.49

190.97.245.49 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 51%: ?

51%

ISP	VIGINET C.A
Usage Type	Fixed Line ISP
ASN	AS263703
Domain Name	viginet.com.ve
Country	🇻🇪 Venezuela (Bolivarian Republic of)
City	El Vigia, Merida

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 190.97.245.49

Whois 190.97.245.49

IP Abuse Reports for 190.97.245.49:

This IP address has been reported a total of 22 times from 17 distinct sources. 190.97.245.49 was first reported on February 28th 2026, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 WeekendWeb	2026-06-10 18:04:05 (5 hours ago)	Wordpress Vunerability attack	Web App Attack
Anonymous	2026-06-10 17:24:40 (6 hours ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-10 05:13:21 (18 hours ago)	(mod_security) mod_security (id:240335) triggered by 190.97.245.49 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 190.97.245.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 01:13:13.649492 2026] [security2:error] [pid 18498:tid 18498] [client 190.97.245.49:61937] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 190.97.245.49 (+1 hits since last alert)\|guitarwisdom.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "guitarwisdom.com"] [uri "/xmlrpc.php"] [unique_id "aijyaZXFQl13KkoXWFJ3vgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2026-06-03 01:31:28 (1 week ago)	Connection atttempts against closed TCP ports Jun 3 03:31:26 BLOCK SRC=190.97.245.49 LEN=52 TOS=0x0 ... show more Connection atttempts against closed TCP ports Jun 3 03:31:26 BLOCK SRC=190.97.245.49 LEN=52 TOS=0x08 PREC=0x20 TTL=53 ID=61101 DF PROTO=TCP SPT=15100 DPT=443 WINDOW=65535 RES=0x00 ACK PSH FIN Jun 3 03:31:26 BLOCK SRC=190.97.245.49 LEN=52 TOS=0x08 PREC=0x20 TTL=53 ID=61102 DF PROTO=TCP SPT=15100 DPT=443 WINDOW=65535 RES=0x00 ACK PSH FIN Jun 3 03:31:27 BLOCK SRC=190.97.245.49 LEN=52 TOS=0x08 PREC=0x20 TTL=53 ID=61103 DF PROTO=TCP SPT=15100 DPT=443 WINDOW=65535 RES=0x00 ACK PSH FIN show less	Port Scan
🇩🇪 SMARTNET	2026-05-27 06:03:53 (2 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 22ada211-5b5c-463a-b46f-60fd11dc639d	DDoS Attack
🇬🇧 PeravixGroup	2026-05-24 03:20:57 (2 weeks ago)	Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ... show more Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Brute-Force
Anonymous	2026-05-22 05:27:26 (2 weeks ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 MPL	2026-05-12 18:44:50 (4 weeks ago)	tcp/23 (2 or more attempts)	Port Scan
Anonymous	2026-05-11 03:52:07 (4 weeks ago)	Attack Signature Blocked: /wishlist/index/add/product/11335/form_key/jDSE3AFcKUMCHDrK/ (Magento Site ... show more Attack Signature Blocked: /wishlist/index/add/product/11335/form_key/jDSE3AFcKUMCHDrK/ (Magento Site) (Botnet activity attributed to: Angara Technologies Group / mikhail-smirnov-79830322) show less	Web App Attack Bad Web Bot
Anonymous	2026-05-08 01:02:09 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 MPL	2026-04-25 19:58:20 (1 month ago)	tcp/6036 (6 or more attempts)	Port Scan
🇺🇸 MPL	2026-04-25 19:58:20 (1 month ago)	tcp/6036 (10 or more attempts)	Port Scan
🇺🇸 SSP	2026-04-24 00:40:01 (1 month ago)	Automatic report from iptables firewall - detected malicious activity	DDoS Attack Brute-Force SSH Web App Attack Port Scan Hacking
🇺🇸 Cyber Crusader	2026-04-21 22:02:57 (1 month ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇨🇿 lp	2026-04-13 00:19:47 (1 month ago)	SSH Brute force: 1 attempts were recorded from 190.97.245.49 2026-04-13T01:01:15+02:00 Invalid user ... show more SSH Brute force: 1 attempts were recorded from 190.97.245.49 2026-04-13T01:01:15+02:00 Invalid user user from 190.97.245.49 port 51771 show less	Brute-Force SSH

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 223.29.201.213

🇨🇳 222.212.83.51

🇿🇦 197.185.146.97

🇬🇧 193.163.125.32

🇱🇹 185.36.81.23

🇨🇳 171.217.68.100

🇹🇳 154.110.43.140

🇺🇸 142.111.152.159

🇨🇳 114.217.10.60

🇷🇴 80.94.92.7

🇯🇵 74.176.227.125

🇺🇸 66.132.195.102

🇺🇸 66.132.195.66

🇮🇪 54.155.89.101

🇱🇺 46.151.182.58

🇺🇸 2606:65c0:20:43e:aa6b:fc67:d33d:7e55

🇺🇿 213.230.82.1

🇵🇱 185.241.208.20

🇳🇴 185.12.59.118

🇺🇸 162.216.149.208