This IP address has been reported a total of
6
times from
6 distinct
sources.
196.190.81.56 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
Large-scale coordinated botnet (666+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) ...
show moreLarge-scale coordinated botnet (666+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) employed by Angara Technologies Group (Explicitly identified himself as enemy a week before attack began) | Attack Signature Blocked: /brands/shopby/manufacturer-panasonic-optoma-bosch-beyerdynamic-rcf-lsi-ask_proxima-projectiondesign-xyz.html | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 | (Magento Site)
show less
Fail2Ban: 196.190.81.56 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5. ...
show moreFail2Ban: 196.190.81.56 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
show less
(mod_security) mod_security (id:240950) triggered by 196.190.81.56 (-): 1 in the last 300 secs; Port ...
show more(mod_security) mod_security (id:240950) triggered by 196.190.81.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 19 12:57:26.038531 2026] [security2:error] [pid 27757:tid 27757] [client 196.190.81.56:16617] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||beckersystems.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "beckersystems.net"] [uri "/beckerwiki/index.php"] [unique_id "aW5whg999dj9n2f6LP3rOAAAAAc"], referer: http://beckersystems.net/
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show moreDistributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp
show less
Bad Web Bot
Exploited Host
Showing 1 to
6
of 6 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ