JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.188.113.81

196.188.113.81 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 27%: ?

27%

ISP	Ethio Telecom
Usage Type	Fixed Line ISP
ASN	AS24757
Domain Name	ethiotelecom.et
Country	🇪🇹 Ethiopia
City	Addis Ababa, Addis Ababa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.188.113.81

Whois 196.188.113.81

IP Abuse Reports for 196.188.113.81:

This IP address has been reported a total of 14 times from 5 distinct sources. 196.188.113.81 was first reported on November 25th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-09 06:43:47 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:43:42.379676 2026] [security2:error] [pid 3807:tid 3807] [client 196.188.113.81:24087] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.188.113.81 (+1 hits since last alert)\|apuntesdeinversion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apuntesdeinversion.com"] [uri "/xmlrpc.php"] [unique_id "aie2HrcTFs9PY0SPFoqf3wAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 05:07:11 (3 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-08 06:05:45 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:05:37.711899 2026] [security2:error] [pid 24761:tid 24761] [client 196.188.113.81:23613] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.188.113.81 (+1 hits since last alert)\|cartiologyfilms.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cartiologyfilms.com"] [uri "/xmlrpc.php"] [unique_id "aiZbsWpPKjHgoqIwp3cjOQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 Franco	2026-06-08 00:00:00 (4 days ago)	WP HAcking,trolling for resource vulnerabilities	Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-06-04 12:44:43 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:44:38.908112 2026] [security2:error] [pid 22570:tid 22570] [client 196.188.113.81:22629] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.188.113.81 (+1 hits since last alert)\|protection4allsecurity.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "protection4allsecurity.com"] [uri "/xmlrpc.php"] [unique_id "aiFzNmTtokCNWUoKv5H2bAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 09:20:56 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 05:20:51.044995 2026] [security2:error] [pid 31353:tid 31363] [client 196.188.113.81:16425] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.188.113.81 (+1 hits since last alert)\|plumeraproductions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "plumeraproductions.com"] [uri "/xmlrpc.php"] [unique_id "aiFDc9LQUbpj1X66Iu-4YwAAAIM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 08:49:11 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 04:49:06.623845 2026] [security2:error] [pid 324:tid 324] [client 196.188.113.81:7988] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.188.113.81 (+1 hits since last alert)\|varnadorefamily.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "varnadorefamily.com"] [uri "/xmlrpc.php"] [unique_id "aiE8AgNuTlqc5AOJPJu8EQAAACk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 06:06:18 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 02:06:14.377819 2026] [security2:error] [pid 23786:tid 23786] [client 196.188.113.81:16536] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.188.113.81 (+1 hits since last alert)\|robinsnestingplace.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "robinsnestingplace.net"] [uri "/xmlrpc.php"] [unique_id "aiEV1oVBEUoas-HYO-v1TgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 10:55:52 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 06:55:49.105280 2026] [security2:error] [pid 10792:tid 10792] [client 196.188.113.81:30283] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.188.113.81 (+1 hits since last alert)\|seahattravel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seahattravel.com"] [uri "/xmlrpc.php"] [unique_id "aiAINXwrGHAa93016preywAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-03 09:18:41 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-02 13:39:03 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 09:38:59.648873 2026] [security2:error] [pid 31797:tid 31797] [client 196.188.113.81:33056] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.188.113.81 (+1 hits since last alert)\|jaragoodrich.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jaragoodrich.com"] [uri "/xmlrpc.php"] [unique_id "ah7c83a4GMn-4cD4TKfbIAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-02 13:36:07 (1 week ago)	(wordpress) Failed wordpress login from 196.188.113.81 (ET/Ethiopia/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-04-16 06:21:44 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.188.113.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 02:21:38.641348 2026] [security2:error] [pid 2908857:tid 2908857] [client 196.188.113.81:16356] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.188.113.81 (+1 hits since last alert)\|bigholegolf.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigholegolf.com"] [uri "/xmlrpc.php"] [unique_id "aeB_8lOfm5yBrSRCI5rH_wAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 11:00:00 (6 months ago)	scanning http requests from known botnet	Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 2400:cb00:534:1000:a8b1:d7b9:c9a0:771a

🇫🇷 2400:cb00:534:1000:a309:4071:9c16:e13d

🇫🇷 2400:cb00:533:1000:b2ac:9c0f:1816:af73

🇫🇷 2400:cb00:532:1000:6803:a7fc:78bc:54fd

🇫🇷 2400:cb00:532:1000:2374:8796:cf01:dc7

🇫🇷 2400:cb00:532:1000:1c6c:9cc0:a1fc:13e6

🇦🇷 186.127.73.199

🇺🇸 173.199.117.55

🇸🇬 172.188.89.41

🇺🇸 162.217.162.241

🇮🇳 143.110.183.208

🇨🇳 120.82.85.189

🇫🇷 91.231.89.65

🇷🇴 80.94.95.242

🇫🇮 80.66.83.43

🇺🇸 71.168.166.249

🇱🇹 62.60.130.59

🇱🇹 62.60.130.31

🇺🇸 50.87.144.169

🇺🇸 50.87.144.31