JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.189.225.111

196.189.225.111 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 12%: ?

12%

ISP	Ethio Telecom
Usage Type	Fixed Line ISP
ASN	AS24757
Domain Name	ethiotelecom.et
Country	🇪🇹 Ethiopia
City	Nazret, Oromiya

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.189.225.111

Whois 196.189.225.111

IP Abuse Reports for 196.189.225.111:

This IP address has been reported a total of 15 times from 13 distinct sources. 196.189.225.111 was first reported on May 23rd 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-17 09:39:09 (3 days ago)	(wordpress) Failed wordpress login from 196.189.225.111 (ET/Ethiopia/-)	Brute-Force
🇯🇵 pixelboost.kr	2026-05-29 23:49:36 (3 weeks ago)	196.189.225.111 - - [30/May/2026:08:49:36 +0900] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Window ... show more 196.189.225.111 - - [30/May/2026:08:49:36 +0900] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇳🇱 VMHeaven.io	2026-01-13 13:48:54 (5 months ago)	Blocked by UFW [60023/tcp] Source port: 10441 TTL: 45 Packet length: 60	Port Scan
🇦🇹 urnilxfgbez	2026-01-09 23:45:00 (5 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-01-09 05:28:30 (5 months ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 MPL	2026-01-09 04:12:12 (5 months ago)	tcp/2323 (2 or more attempts)	Port Scan
🇩🇪 ps-center	2026-01-08 22:48:19 (5 months ago)	SS1-W: TCP-Scanner. Port: 23	Port Scan
Anonymous	2026-01-08 14:56:19 (5 months ago)	Unauthorized connection attempt on Port 2323	Port Scan Hacking Exploited Host
🇪🇸 el-brujo	2025-12-18 19:15:00 (6 months ago)	DDoS Attack Layer 7 Meri Botnet	DDoS Attack
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
Anonymous	2025-11-23 09:49:19 (6 months ago)	scanning http requests from known botnet	Web App Attack
🇳🇱 exxos	2025-08-01 11:06:09 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇪🇸 Global Cyber Police	2025-07-27 13:04:52 (10 months ago)	Malicious bot activity detected: Hitting honeypot page (200 OK with 258/259 bytes sent).	Port Scan Brute-Force Web App Attack
🇪🇸 Global Cyber Police	2025-07-27 13:04:52 (10 months ago)	Malicious bot activity detected: Hitting honeypot page (200 OK with 258/259 bytes sent).	Port Scan Brute-Force Web App Attack
🇵🇹 rnl	2025-05-23 12:26:48 (1 year ago)	postfix (unknown user, SPF fail or relay access denied)	Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 82.19.12.103

🇵🇱 45.141.233.195

🇬🇧 35.203.210.188

🇬🇧 209.97.141.74

🇹🇼 198.235.24.108

🇲🇿 197.242.170.10

🇺🇸 185.226.198.4

🇺🇸 173.244.60.241

🇮🇹 172.253.228.151

🇻🇳 125.212.244.35

🇨🇳 112.51.27.82

🇭🇰 103.229.125.106

🇷🇴 80.94.92.167

🇳🇱 5.255.121.192

🇺🇸 185.191.171.13

🇯🇵 133.18.122.63

🇮🇳 122.185.101.50

🇸🇬 119.28.101.155

🇺🇸 104.22.1.116

🇮🇩 103.168.135.187