JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 146.196.37.154

146.196.37.154 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 40%: ?

40%

ISP	Satendra Networks
Usage Type	Fixed Line ISP
ASN	AS133982
Domain Name	excitel.com
Country	🇮🇳 India
City	Patna, Bihar

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 146.196.37.154

Whois 146.196.37.154

IP Abuse Reports for 146.196.37.154:

This IP address has been reported a total of 15 times from 14 distinct sources. 146.196.37.154 was first reported on September 17th 2021, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 10:25:32 (12 hours ago)	(mod_security) mod_security (id:240335) triggered by 146.196.37.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 146.196.37.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:25:27.352491 2026] [security2:error] [pid 32087:tid 32087] [client 146.196.37.154:52418] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 146.196.37.154 (+1 hits since last alert)\|idmadventures.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "idmadventures.com"] [uri "/xmlrpc.php"] [unique_id "aiqNFw-SEEuzYgQrTwbGjAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-11 09:41:23 (13 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
Anonymous	2026-06-11 09:39:57 (13 hours ago)	(wordpress) Failed wordpress login from 146.196.37.154 (IN/India/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 09:32:15 (13 hours ago)	(mod_security) mod_security (id:240335) triggered by 146.196.37.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 146.196.37.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 05:32:07.861375 2026] [security2:error] [pid 23022:tid 23022] [client 146.196.37.154:59975] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 146.196.37.154 (+1 hits since last alert)\|globalsolutions.technology\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globalsolutions.technology"] [uri "/xmlrpc.php"] [unique_id "aiqAl9gqCxA1et88gpVpCQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-11 06:59:53 (16 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-11 05:57:39 (17 hours ago)	[redacted] 146.196.37.154 - - [11/Jun/2026:07:57:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 146.196.37.154 - - [11/Jun/2026:07:57:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 146.196.37.154 - - [11/Jun/2026:07:57:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 146.196.37.154 - - [11/Jun/2026:07:57:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 146.196.37.154 - - [11/Jun/2026:07:57:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 146.196.37.154 - - [11/Jun/2026:07:57:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇩🇪 filstal.org	2026-04-30 15:51:41 (1 month ago)	Bad web bot: Spoofed/obsolete UA (Mozilla/5.0 (compatible; MSIE 5.0; Windows 95; Trident/3.1)). Mass ... show more Bad web bot: Spoofed/obsolete UA (Mozilla/5.0 (compatible; MSIE 5.0; Windows 95; Trident/3.1)). Mass-scanning WordPress plugin. Coordinated large-scale bot attack. show less	Bad Web Bot Web App Attack
🇸🇪 peterh	2025-12-30 06:17:00 (5 months ago)		Email Spam Hacking
🇨🇿 huginet	2025-12-30 03:05:22 (5 months ago)	2025-12-30T04:05:14.446501 hugo.huginet.net auth[621457]: pam_unix(dovecot:auth): authentication fai ... show more 2025-12-30T04:05:14.446501 hugo.huginet.net auth[621457]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=frantisek.tauterman rhost=146.196.37.154 user=frantisek.tauterman 2025-12-30T04:05:22.625956 hugo.huginet.net auth[621457]: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=frantisek.tauterman rhost=146.196.37.154 user=frantisek.tauterman ... show less	Hacking Brute-Force
🇿🇦 maximonline.co.za	2025-12-30 02:22:04 (5 months ago)	Brute Force SMTP AUTH Attack	Brute-Force
🇮🇹 VHosting	2025-12-29 21:38:25 (5 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇪🇸 el-brujo	2025-12-23 05:10:00 (5 months ago)	DDoS Attack Layer 7	DDoS Attack
🇳🇱 exxos	2025-09-01 00:08:19 (9 months ago)	Attacks with Bad user agents	Hacking
Anonymous	2024-03-18 13:33:04 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 ps-center	2021-09-17 07:44:47 (4 years ago)	C1,WP GET /wp-login.php	Web Spam Bad Web Bot Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.180

🇺🇸 198.44.159.109

🇲🇽 187.191.48.22

🇳🇱 185.223.235.57

🇫🇷 185.187.169.24

🇨🇳 106.52.49.148

🇫🇷 62.171.176.188

🇨🇳 47.97.127.96

🇫🇷 37.58.136.133

🇩🇪 213.209.159.56

🇺🇸 165.154.254.143

🇺🇸 2400:cb00:960:1000:7cdf:bc75:bf9b:59a5

🇰🇷 211.46.177.174

🇺🇸 108.181.23.71

🇺🇸 103.195.100.210

🇺🇸 66.132.172.110

🇳🇱 46.23.108.183

🇸🇪 216.58.201.194

🇮🇳 182.18.161.165

🇸🇪 130.49.112.151