JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.179.133.72

196.179.133.72 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 90%: ?

90%

ISP	OOREDOOTN
Usage Type	Fixed Line ISP
ASN	AS37693
Domain Name	ooredoo.tn
Country	🇹🇳 Tunisia
City	Kairouan, Kairouan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.179.133.72

Whois 196.179.133.72

IP Abuse Reports for 196.179.133.72:

This IP address has been reported a total of 22 times from 17 distinct sources. 196.179.133.72 was first reported on June 21st 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇱 spd.co.il	2026-06-24 23:02:48 (3 days ago)	Web application attack detected	Hacking Web App Attack
🇸🇪 vaia.cloud	2026-06-23 16:26:01 (5 days ago)	trying wp-login.php/xmlrpc.php 37 times in 1 minutes	Brute-Force Web App Attack
🇧🇪 taivas.nl	2026-06-23 14:02:10 (5 days ago)	Bad_requests	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-06-23 10:36:24 (5 days ago)	196.179.133.72 - - [23/Jun/2026:13:36:19 +0300] "GET /wp-admin/index.php HTTP/1.1" 404 218 "https:// ... show more 196.179.133.72 - - [23/Jun/2026:13:36:19 +0300] "GET /wp-admin/index.php HTTP/1.1" 404 218 "https://elconf.kpi.ua/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 196.179.133.72 - - [23/Jun/2026:13:36:21 +0300] "GET /wp-admin/profile.php HTTP/1.1" 404 4168 "https://elconf.kpi.ua/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" ... show less	Web App Attack
🇫🇷 Baking333	2026-06-23 08:36:49 (5 days ago)	[redacted] 196.179.133.72 - - [23/Jun/2026:09:36:32 +0100] "GET /.env HTTP/1.1" 302 6773 0/113552 "- ... show more [redacted] 196.179.133.72 - - [23/Jun/2026:09:36:32 +0100] "GET /.env HTTP/1.1" 302 6773 0/113552 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" [redacted] 196.179.133.72 - - [23/Jun/2026:09:36:48 +0100] "GET /.env HTTP/1.1" 302 6773 0/70712 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" show less	Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-23 07:44:49 (5 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇩🇪 KiekerJan	2026-06-23 05:09:17 (5 days ago)	196.179.133.72 - - [23/Jun/2026:07:09:15 +0200] "GET /wp-login.php HTTP/1.1" 404 181 "-" "Mozilla/5. ... show more 196.179.133.72 - - [23/Jun/2026:07:09:15 +0200] "GET /wp-login.php HTTP/1.1" 404 181 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 196.179.133.72 - - [23/Jun/2026:07:09:16 +0200] "GET /wp-login.php HTTP/1.1" 301 162 "https://t.co/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" ... show less	Web App Attack
🇩🇪 filstal.org	2026-06-23 04:49:02 (5 days ago)	WordPress user enumeration attempt detected.	Hacking Web App Attack
Anonymous	2026-06-23 04:28:12 (5 days ago)	[ns27.kdns.gr] httpd-suspicious-path: sites=foraofakous.gr; logs=/var/log/httpd/domains/foraofakous. ... show more [ns27.kdns.gr] httpd-suspicious-path: sites=foraofakous.gr; logs=/var/log/httpd/domains/foraofakous.gr.log; samples=/wp-config.php.bak \| /wp-config.php.old \| /wp-config.php.save show less	Hacking Web App Attack
🇩🇪 Tha_14	2026-06-23 04:06:27 (5 days ago)	Exceeded the allowed number of login attempts	Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 03:18:05 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 196.179.133.72 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 196.179.133.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 23:17:58.981304 2026] [security2:error] [pid 31977:tid 31977] [client 196.179.133.72:58078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.rockinr.org"] [uri "/wp-config.php.bak"] [unique_id "ajn65vx4FV-gebpToMDEfAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Tha_14	2026-06-23 03:04:05 (5 days ago)	Limit on login attempts is reached	Brute-Force
🇺🇸 Matthew Ping	2026-06-23 03:00:01 (5 days ago)	ModSecurity rule 949110 triggered on server. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇳🇱 Site.eu	2026-06-23 01:56:39 (5 days ago)	Excessive 404/403 errors	Brute-Force
🇩🇪 filstal.org	2026-06-22 23:38:46 (5 days ago)	Web exploit or injection attempt blocked by ModSecurity WAF.	SQL Injection Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.164.241.224

🇳🇱 195.178.110.30

🇨🇳 124.226.216.189

🇻🇳 103.153.75.186

🇷🇺 92.255.170.48

🇸🇬 45.78.204.254

🇺🇸 23.94.61.208

🇺🇸 207.90.244.17

🇸🇬 143.198.211.147

🇹🇼 110.25.109.58

🇰🇷 1.238.106.229

🇧🇬 79.124.40.110

🇺🇸 66.132.172.35

🇩🇪 64.89.163.144

🇫🇷 51.77.158.34

🇿🇦 41.123.196.56

🇳🇮 38.226.162.232

🇨🇳 27.24.141.88

🇺🇸 216.26.227.97

🇺🇸 199.104.120.81