AbuseIPDB » 196.189.182.190
196.189.182.190
This IP was reported 9 times. Confidence of
Abuse
is 3% : ?
ISP
Ethio Telecom
Usage Type
Mobile ISP
ASN
AS24757
Domain Name
ethiotelecom.et
Country
๐ช๐น
Ethiopia
City
Nek'emte, Oromiya
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 196.189.182.190 :
This IP address has been reported a total of
9
times from
4 distinct
sources.
196.189.182.190 was first reported on
February 22nd 2024 , and the most recent report was
1 hour ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ฉ๐ช
maxpower
2026-06-04 17:37:27
(1 hour ago)
(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 196.189.182.190 (ET/Ethiopia/-): 1 in the las ...
show more
(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 196.189.182.190 (ET/Ethiopia/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 196.189.182.190 - - [04/Jun/2026:19:37:22 +0200] "GET /evento2018.php?idapp=1105 HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36" "-" host=www.pescarafestival.it
show less
Port Scan
๐ณ๐ฑ
exxos
2025-08-28 16:03:01
(9 months ago)
http-no-verb
Hacking
๐ณ๐ฑ
exxos
2025-08-28 15:03:01
(9 months ago)
http-no-verb
Hacking
๐ณ๐ฑ
exxos
2025-07-31 02:57:26
(10 months ago)
HTTP1.x attacks
DDoS Attack
๐ณ๐ฑ
exxos
2025-07-29 03:44:58
(10 months ago)
HTTP1.x attacks
DDoS Attack
๐ณ๐ฑ
exxos
2025-07-29 03:07:20
(10 months ago)
HTTP1.x attacks
DDoS Attack
๐บ๐ธ
TPI-Abuse
2024-12-29 11:39:23
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 196.189.182.190 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 196.189.182.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 29 06:39:16.553406 2024] [security2:error] [pid 3382530:tid 3382530] [client 196.189.182.190:36733] [client 196.189.182.190] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||persnicketyinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "persnicketyinc.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z3E05P5Gw68Zpyyxn7ZmbgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-05-03 12:51:29
(2 years ago)
(mod_security) mod_security (id:225170) triggered by 196.189.182.190 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 196.189.182.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 03 08:51:21.918825 2024] [security2:error] [pid 16215] [client 196.189.182.190:36248] [client 196.189.182.190] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.quickasawink.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.quickasawink.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZjTdyRT3JhmoCfLA_HeM8gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
votrewebfacile
2024-02-22 06:41:31
(2 years ago)
xmlrpc abuse
Brute-Force
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: