JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.202.50.26

196.202.50.26 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 85%: ?

85%

ISP	TE Data
Usage Type	Fixed Line ISP
ASN	AS8452
Domain Name	tedata.net
Country	🇪🇬 Egypt
City	Tanta, Gharbia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.202.50.26

Whois 196.202.50.26

IP Abuse Reports for 196.202.50.26:

This IP address has been reported a total of 28 times from 16 distinct sources. 196.202.50.26 was first reported on May 28th 2026, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-04 18:06:30 (12 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 14:24:39 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 10:24:32.779445 2026] [security2:error] [pid 6399:tid 6399] [client 196.202.50.26:52655] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.202.50.26 (+1 hits since last alert)\|abundancecompany.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "abundancecompany.com"] [uri "/xmlrpc.php"] [unique_id "aiGKoI0oSOvpdCtZMm78WQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-04 01:54:57 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-06-04 01:54:13 (1 day ago)	[redacted] 196.202.50.26 - - [04/Jun/2026:03:53:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ... show more [redacted] 196.202.50.26 - - [04/Jun/2026:03:53:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 196.202.50.26 - - [04/Jun/2026:03:53:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 196.202.50.26 - - [04/Jun/2026:03:53:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" [redacted] 196.202.50.26 - - [04/Jun/2026:03:54:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.2; http://site52961367.com" [redacted] 196.202.50.26 - - [04/Jun/2026:03:54:11 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇩🇪 konseptit	2026-06-03 21:19:35 (1 day ago)	(wordpress) Failed wordpress login from 196.202.50.26 (EG/Egypt/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-03 18:36:00 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 14:35:52.878972 2026] [security2:error] [pid 25294:tid 25294] [client 196.202.50.26:50403] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.202.50.26 (+1 hits since last alert)\|femalegamblers.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "femalegamblers.org"] [uri "/xmlrpc.php"] [unique_id "aiB0CNg1yjkL4MkNVz8aVQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 17:12:51 (2 days ago)	Fail2ban filtered ...	Web App Attack
🇩🇪 konseptit	2026-06-02 13:59:50 (2 days ago)	(wordpress) Failed wordpress login from 196.202.50.26 (EG/Egypt/-)	Brute-Force
🇩🇪 netclix.gr	2026-06-02 03:21:12 (3 days ago)	(wordpress) Failed wordpress login from 196.202.50.26 (EG/Egypt/-): (CF_ENABLE)	Brute-Force
🇩🇪 ger-stg-sifi1	2026-06-02 03:20:53 (3 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 abdubhai	2026-06-02 02:50:36 (3 days ago)	196.202.50.26 - - [02/Jun/2026:0 ...	Brute-Force
🇺🇸 TPI-Abuse	2026-06-01 20:46:46 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:46:40.316270 2026] [security2:error] [pid 17944:tid 17944] [client 196.202.50.26:55521] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.202.50.26 (+1 hits since last alert)\|pcga.golf\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pcga.golf"] [uri "/xmlrpc.php"] [unique_id "ah3vsMbRE0AMUAQCoDP8zAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 20:21:22 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:21:14.136860 2026] [security2:error] [pid 21415:tid 21415] [client 196.202.50.26:52760] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.202.50.26 (+1 hits since last alert)\|abeltours.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "abeltours.com"] [uri "/xmlrpc.php"] [unique_id "ah3puoJFsBPBhpt4jaZmHAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 19:02:15 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 15:02:08.771581 2026] [security2:error] [pid 28129:tid 28129] [client 196.202.50.26:55171] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.202.50.26 (+1 hits since last alert)\|fundaciondamashcc.org.ec\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundaciondamashcc.org.ec"] [uri "/xmlrpc.php"] [unique_id "ah3XMHgaDmofFCwyfQ6FlAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 18:43:48 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 196.202.50.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 14:43:41.068958 2026] [security2:error] [pid 23713:tid 23713] [client 196.202.50.26:55422] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.202.50.26 (+1 hits since last alert)\|frogdesignmexico.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "frogdesignmexico.com"] [uri "/xmlrpc.php"] [unique_id "ah3S3TTLiev4s5KZLGsK_wAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 198.244.240.36

🇳🇴 185.12.59.117

🇩🇪 167.94.146.42

🇯🇵 103.163.220.251

🇺🇸 64.62.197.227

🇬🇧 35.203.210.213

🇪🇸 5.182.83.231

🇬🇧 193.163.125.11

🇳🇱 185.242.226.60

🇺🇸 146.88.241.174

🇨🇳 118.122.147.49

🇲🇦 81.192.46.36

🇺🇸 66.132.172.188

🇺🇸 54.89.178.178

🇳🇱 45.148.10.67

🇧🇪 34.156.61.86

🇰🇷 1.176.118.246

🇮🇳 205.254.176.152

🇧🇷 205.210.31.246

🇧🇷 188.208.116.149