JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.53.148.143

194.53.148.143 was found in our database!

This IP was reported 110 times. Confidence of Abuse is 24%: ?

24%

ISP	Pablo Sarria Perez
Usage Type	Data Center/Web Hosting/Transit
ASN	AS210181
Hostname(s)	web4.open6hosting.com
Domain Name	open6hosting.com
Country	🇪🇸 Spain
City	Sarria, Galicia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.53.148.143

Whois 194.53.148.143

IP Abuse Reports for 194.53.148.143:

This IP address has been reported a total of 110 times from 39 distinct sources. 194.53.148.143 was first reported on March 8th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Mangelot Hosting	2026-06-15 03:59:42 (1 week ago)	(wp_login_try) srv104 WP Login Attempt 194.53.148.143 (ES/Spain/web4.open6hosting.com): 10 in the la ... show more (wp_login_try) srv104 WP Login Attempt 194.53.148.143 (ES/Spain/web4.open6hosting.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
Anonymous	2026-06-14 14:12:42 (1 week ago)	[redacted] 194.53.148.143 - - [14/Jun/2026:16:12:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 263 "-" " ... show more [redacted] 194.53.148.143 - - [14/Jun/2026:16:12:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 263 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0" [redacted] 194.53.148.143 - - [14/Jun/2026:16:12:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 263 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0" [redacted] 194.53.148.143 - - [14/Jun/2026:16:12:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 263 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0" [redacted] 194.53.148.143 - - [14/Jun/2026:16:12:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 263 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0" [redacted] 194.53.148.143 - - [14/Jun/2026:16:12:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 263 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0" [redacted] 194.53.148.143 - - [14/Jun/2026:16:12:38 +0200] "POST /xmlrpc.php HTTP/1.1" 20 ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 03:56:54 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 23:56:51.014426 2026] [security2:error] [pid 1944:tid 1944] [client 194.53.148.143:57686] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.nextstepplus.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nextstepplus.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ai4mg8EgnAS9RT_wLTvpPgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 22:36:34 (1 week ago)	[redacted] 194.53.148.143 - - [14/Jun/2026:00:36:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" " ... show more [redacted] 194.53.148.143 - - [14/Jun/2026:00:36:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0" [redacted] 194.53.148.143 - - [14/Jun/2026:00:36:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0" [redacted] 194.53.148.143 - - [14/Jun/2026:00:36:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0" [redacted] 194.53.148.143 - - [14/Jun/2026:00:36:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0" [redacted] 194.53.148.143 - - [14/Jun/2026:00:36:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0" apoll ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 21:32:14 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 17:32:07.423666 2026] [security2:error] [pid 14781:tid 14781] [client 194.53.148.143:53408] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.innolympics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.innolympics.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai3MV2DLM0qTskne5K7tpgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 20:00:04 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 15:59:56.611899 2026] [security2:error] [pid 24745:tid 24745] [client 194.53.148.143:60732] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.disio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.disio.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai22vASwrnIYylDtAiRlJwAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 13:22:03 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 09:21:57.148718 2026] [security2:error] [pid 2451:tid 2451] [client 194.53.148.143:44562] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|newmooncafe.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "newmooncafe.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai1Zdfa79mGCUPC2mrhXCQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-13 02:13:22 (2 weeks ago)	(modsecurity) srv101 ModSecurity 194.53.148.143 (ES/Spain/web4.open6hosting.com): 10 in the last 360 ... show more (modsecurity) srv101 ModSecurity 194.53.148.143 (ES/Spain/web4.open6hosting.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇳🇱 debestelapp	2026-06-06 13:20:04 (3 weeks ago)		Exploited Host
🇺🇸 TPI-Abuse	2026-06-06 05:28:08 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 01:28:00.706269 2026] [security2:error] [pid 17980:tid 17980] [client 194.53.148.143:48782] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kavahawaii.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kavahawaii.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiOv4EwXMx0JXJ-DHT58lQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 02:03:23 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 22:03:19.275286 2026] [security2:error] [pid 5553:tid 5594] [client 194.53.148.143:46310] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.guitarprimer.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.guitarprimer.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiN_5zeXGV6MvEAPrTCf1QAAAE4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 00:04:34 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.143 (web4.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 20:04:29.107846 2026] [security2:error] [pid 31493:tid 31493] [client 194.53.148.143:49200] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|allfloridamedia.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "allfloridamedia.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiNkDRElDDDVYW9wmTWopwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-05 05:42:56 (3 weeks ago)	(modsecurity) srv104 ModSecurity 194.53.148.143 (ES/Spain/web4.open6hosting.com): 10 in the last 360 ... show more (modsecurity) srv104 ModSecurity 194.53.148.143 (ES/Spain/web4.open6hosting.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇬🇧 Guy Azouri	2023-04-19 10:00:37 (3 years ago)	Wordpress admin bruteforce attempt	Brute-Force
🇬🇧 Guy Azouri	2023-04-19 10:00:37 (3 years ago)	Wordpress admin bruteforce attempt	Brute-Force

Showing 1 to 15 of 110 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.178.112.156

🇺🇸 172.110.223.203

🇭🇳 45.181.86.72

🇺🇸 172.215.145.207

🇨🇳 106.63.26.14

🇳🇱 89.248.167.131

🇪🇸 82.223.15.252

🇱🇹 62.60.130.219

🇺🇸 44.72.10.62

🇰🇷 218.149.228.161

🇧🇷 144.22.238.238

🇺🇸 96.78.175.36

🇺🇸 50.6.248.168

🇪🇸 44.30.162.52

🇳🇱 5.61.209.92

🇺🇸 2607:f8b0:400e:c05::129

🇬🇧 195.206.182.198

🇺🇸 44.170.77.149

🇬🇧 35.203.211.56

🇬🇧 185.127.69.236