JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.244.192.43

196.244.192.43 was found in our database!

This IP was reported 96 times. Confidence of Abuse is 26%: ?

26%

ISP	SA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58065
Domain Name	fibergrid.co.za
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.244.192.43

Whois 196.244.192.43

IP Abuse Reports for 196.244.192.43:

This IP address has been reported a total of 96 times from 43 distinct sources. 196.244.192.43 was first reported on July 31st 2025, and the most recent report was 57 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 matthieul.dev	2026-06-25 20:25:27 (57 minutes ago)	Blocked by os-abuseipdb; 3 hits, proto=tcp,udp, ports=41722	Port Scan Brute-Force
🇺🇸 xmission.com	2026-05-20 03:57:40 (1 month ago)	Blocked by UFW (TCP on 56388) Source port: 35670 TTL: 105 Packet length: 52 TOS: 0x08 This report ( ... show more Blocked by UFW (TCP on 56388) Source port: 35670 TTL: 105 Packet length: 52 TOS: 0x08 This report (for 196.244.192.43) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇦 Mediashaker	2026-05-12 18:20:32 (1 month ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 196.244.192.43 (FI/Finla ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 196.244.192.43 (FI/Finland/-) show less	Port Scan
🇩🇪 LRob.fr	2026-05-12 15:15:13 (1 month ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇸 mnsf	2026-05-12 13:05:46 (1 month ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇮🇹 VHosting	2026-05-12 09:55:03 (1 month ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 09:09:41 (1 month ago)	(mod_security) mod_security (id:234930) triggered by 196.244.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:234930) triggered by 196.244.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 05:09:34.385681 2026] [security2:error] [pid 3305:tid 3305] [client 196.244.192.43:62287] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)\|\|www.connectigramme.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.connectigramme.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "agLuTlW-iAtL4xOgur8ibgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 23:27:42 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 196.244.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 196.244.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 19:27:39.602009 2026] [security2:error] [pid 3816379:tid 3816379] [client 196.244.192.43:50623] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|eduempowermentsolutions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eduempowermentsolutions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeAe6-Xx48tDKooUQijFagAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 22:46:29 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 196.244.192.43 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 196.244.192.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 18:46:24.732176 2026] [security2:error] [pid 2789209:tid 2789209] [client 196.244.192.43:55041] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|edgebiopharma.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "edgebiopharma.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeAVQFp_Lmr62o1oBw2CRAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-04-15 21:27:20 (2 months ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 nyt	2026-04-15 21:16:46 (2 months ago)	WP User Enumeration, WP Author Enumeration	Web App Attack
🇬🇧 Axel	2026-03-10 08:16:02 (3 months ago)	Blocked by ModSecurity. Rule ID: 210730 Message: COMODO WAF: URL file extension is restricted by pol ... show more Blocked by ModSecurity. Rule ID: 210730 Message: COMODO WAF: URL file extension is restricted by policy\|\|proxy-server.link\|F\|2 Phase: 2 Severity: CRITICAL URI: /backup/mysql.sql Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇮🇳 Mr.Singh	2026-03-04 09:30:43 (3 months ago)	NFT blocked 196.244.192.43 on 04-Mar-2026..	Port Scan Brute-Force
🇬🇧 Axel	2026-02-24 22:24:01 (4 months ago)	Blocked by ModSecurity. Rule ID: 210730 Message: COMODO WAF: URL file extension is restricted by pol ... show more Blocked by ModSecurity. Rule ID: 210730 Message: COMODO WAF: URL file extension is restricted by policy\|\|proxy-server.link\|F\|2 Phase: 2 Severity: CRITICAL URI: /back/backup.sql Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇪🇸 gnom4ik	2026-02-20 20:59:22 (4 months ago)	ban-reviewer auto report; ip=196.244.192.43; scenario=http:scan; verdict=valid_ban; confidence=0.85; ... show more ban-reviewer auto report; ip=196.244.192.43; scenario=http:scan; verdict=valid_ban; confidence=0.85; categories=14; active_decisions=1; lookback_decisions=1; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=IP flagged for 'http:scan' scenario; Port Scan (category 14) detected in abuseipdb context; No evidence of legitimate activity or high-volume requests show less	Port Scan

Showing 1 to 15 of 96 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.226.17.34

🇪🇸 213.94.45.194

🇧🇷 201.49.224.51

🇺🇸 166.88.238.155

🇺🇸 147.185.132.10

🇩🇪 94.26.106.253

🇳🇱 91.92.40.13

🇳🇱 91.92.40.8

🇨🇦 64.178.152.40

🇩🇪 47.245.138.123

🇲🇴 23.148.24.117

🇺🇸 8.229.175.254

🇨🇳 223.109.252.236

🇺🇸 205.210.31.57

🇿🇦 196.32.249.44

🇷🇺 176.213.7.141

🇨🇳 106.44.5.133

🇺🇦 91.203.164.66

🇮🇪 80.233.55.222

🇺🇸 66.132.172.145