JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 190.97.245.43

190.97.245.43 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 76%: ?

76%

ISP	VIGINET C.A
Usage Type	Fixed Line ISP
ASN	AS263703
Hostname(s)	ip-190-97-245-43.viginet.com.ve
Domain Name	viginet.com.ve
Country	🇻🇪 Venezuela (Bolivarian Republic of)
City	El Vigia, Merida

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 190.97.245.43

Whois 190.97.245.43

IP Abuse Reports for 190.97.245.43:

This IP address has been reported a total of 45 times from 35 distinct sources. 190.97.245.43 was first reported on February 24th 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 rh24	2026-06-23 04:30:15 (17 hours ago)	(wordpress) Failed wordpress login from 190.97.245.43 (VE/Venezuela/ip-190-97-245-43.viginet.com.ve) ... show more (wordpress) Failed wordpress login from 190.97.245.43 (VE/Venezuela/ip-190-97-245-43.viginet.com.ve): (CF_ENABLE) show less	Brute-Force
🇫🇷 dynamix	2026-06-23 04:29:14 (17 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-23 00:23:59 (21 hours ago)	Blocked by CSF 13 firewall - Rule: XMLRPC VE/Venezuela/ip-190-97-245-43.viginet.com.ve	Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 00:00:14 (21 hours ago)	(mod_security) mod_security (id:240335) triggered by 190.97.245.43 (ip-190-97-245-43.viginet.com.ve) ... show more (mod_security) mod_security (id:240335) triggered by 190.97.245.43 (ip-190-97-245-43.viginet.com.ve): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 20:00:01.742517 2026] [security2:error] [pid 10606:tid 10606] [client 190.97.245.43:62308] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 190.97.245.43 (+1 hits since last alert)\|smilingorc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "smilingorc.com"] [uri "/xmlrpc.php"] [unique_id "ajnMgTRgK-vxfQ_5QjVP2gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 21:24:55 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 190.97.245.43 (ip-190-97-245-43.viginet.com.ve) ... show more (mod_security) mod_security (id:240335) triggered by 190.97.245.43 (ip-190-97-245-43.viginet.com.ve): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 17:24:48.409617 2026] [security2:error] [pid 498:tid 498] [client 190.97.245.43:7743] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 190.97.245.43 (+1 hits since last alert)\|brbcash.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "brbcash.com"] [uri "/xmlrpc.php"] [unique_id "ajmoIKTWB3YS6sVsTvFmsgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 EGP Abuse Dept	2026-06-17 01:33:23 (6 days ago)	Scanning for port/service exploits on tpc-036.mach3builders.nl	Port Scan Hacking
🇩🇪 Vegascosmetics	2026-06-11 17:47:15 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security	DDoS Attack Hacking Exploited Host
🇨🇦 polycoda	2026-06-11 10:57:35 (1 week ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack
🇪🇸 el-brujo	2026-06-06 21:36:51 (2 weeks ago)	Cloudflare WAF: Request Path: /index.php Request Query: ?PHPSESSID=vgqcrqu35sfv2emtctq1qh6jpb&msg=21 ... show more Cloudflare WAF: Request Path: /index.php Request Query: ?PHPSESSID=vgqcrqu35sfv2emtctq1qh6jpb&msg=2167091 Host: forum.elhacker.net userAgent: Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.01; Trident/4.0) Action: log Source: firewallManaged ASN Description: VIGINET C.A Country: VE Method: GET Timestamp: 2026-06-06T21:36:51Z ruleId: 017d4edd6754438087991348543c4667. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 20:59:29 (3 weeks ago)	(mod_security) mod_security (id:240335) triggered by 190.97.245.43 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 190.97.245.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:59:22.283481 2026] [security2:error] [pid 31513:tid 31526] [client 190.97.245.43:54806] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 190.97.245.43 (+1 hits since last alert)\|thecraftsycat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thecraftsycat.com"] [uri "/xmlrpc.php"] [unique_id "ah3yqoCwP9-QU_blC77AswAAAMk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-01 06:23:50 (3 weeks ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 integrantservices.com	2026-05-31 02:43:08 (3 weeks ago)	(wordpress) Failed wordpress login from 190.97.245.43 (VE/Venezuela/-)	Brute-Force
🇦🇺 screwlooseit.com.au	2026-05-31 02:12:22 (3 weeks ago)	Blocked by CSF 13 firewall - Rule: XMLRPC VE/Venezuela/-	Web App Attack
🇨🇭 Mario Bretscher	2026-05-31 02:11:41 (3 weeks ago)	May 31 04:11:29 tubegrabe-stafel.ch Cerber(tubegrabe-stafel.ch)[1760284]: Authentication failure for ... show more May 31 04:11:29 tubegrabe-stafel.ch Cerber(tubegrabe-stafel.ch)[1760284]: Authentication failure for marbr from 190.97.245.43 May 31 04:11:39 tubegrabe-stafel.ch Cerber(tubegrabe-stafel.ch)[1760217]: Authentication failure for marbr from 190.97.245.43 ... show less	Web Spam
Anonymous	2026-05-31 01:12:17 (3 weeks ago)	Attac	Brute-Force

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 111.68.107.91

🇬🇧 87.236.176.245

🇺🇸 44.17.174.59

🇨🇦 2607:f8b0:4023:1801::129

🇺🇸 205.210.31.36

🇺🇸 198.62.5.235

🇬🇧 193.176.29.24

🇺🇸 162.216.150.137

🇨🇳 106.54.193.198

🇺🇸 44.10.68.151

🇮🇩 180.252.147.158

🇺🇸 172.253.8.146

🇩🇪 167.94.145.19

🇭🇰 154.221.28.214

🇺🇸 141.11.88.3

🇺🇸 130.131.162.132

🇧🇷 129.121.32.44

🇭🇰 124.156.133.69

🇯🇵 111.238.174.6

🇨🇳 106.89.58.82