JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.196.53.132

196.196.53.132 was found in our database!

This IP was reported 185 times. Confidence of Abuse is 87%: ?

87%

ISP	SA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41564
Domain Name	fibergrid.co.za
Country	🇱🇻 Latvia
City	Riga, Riga

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.196.53.132

Whois 196.196.53.132

IP Abuse Reports for 196.196.53.132:

This IP address has been reported a total of 185 times from 74 distinct sources. 196.196.53.132 was first reported on August 12th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TAY	2026-06-15 06:57:55 (1 day ago)	196.196.53.132 - - [15/Jun/2026:14:57:05 +0800] "GET /xmlrpc.php HTTP/1.1" 403 6327 "http://batukera ... show more 196.196.53.132 - - [15/Jun/2026:14:57:05 +0800] "GET /xmlrpc.php HTTP/1.1" 403 6327 "http://batukerascafe.com/xmlrpc.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 196.196.53.132 - - [15/Jun/2026:14:57:44 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6171 "-" "Mozilla/5.0 (Linux; Android 14; SM-S918B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36" 196.196.53.132 - - [15/Jun/2026:14:57:49 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6171 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 TAY	2026-06-14 17:59:07 (2 days ago)	196.196.53.132 - - [15/Jun/2026:01:58:56 +0800] "GET /xmlrpc.php HTTP/1.1" 403 6327 "http://batukera ... show more 196.196.53.132 - - [15/Jun/2026:01:58:56 +0800] "GET /xmlrpc.php HTTP/1.1" 403 6327 "http://batukerascafe.com/xmlrpc.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 196.196.53.132 - - [15/Jun/2026:01:59:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6171 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" 196.196.53.132 - - [15/Jun/2026:01:59:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6171 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇭🇳 unph	2026-06-14 09:34:42 (2 days ago)	Intento de acceso sospechoso bloqueado por AbuseIPDB Blocker Plugin	Brute-Force
🇫🇷 SpaceHost-Server	2026-06-14 02:48:19 (3 days ago)	196.196.53.132 - - [14/Jun/2026:04:48:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6368 "-" "Mozilla/5. ... show more 196.196.53.132 - - [14/Jun/2026:04:48:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/120.0.2210.91" 196.196.53.132 - - [14/Jun/2026:04:48:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6368 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" 196.196.53.132 - - [14/Jun/2026:04:48:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/120.0.2210.91" show less	Hacking Web App Attack
🇺🇸 masterguru	2026-06-14 00:08:31 (3 days ago)	(0-128)	Hacking
🇺🇸 TAY	2026-06-13 23:54:10 (3 days ago)	196.196.53.132 - - [14/Jun/2026:07:53:58 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6129 "-" "Mozilla/5. ... show more 196.196.53.132 - - [14/Jun/2026:07:53:58 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6129 "-" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 196.196.53.132 - - [14/Jun/2026:07:53:58 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6129 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15" 196.196.53.132 - - [14/Jun/2026:07:54:04 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6129 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" ... show less	Brute-Force
🇬🇧 noise.agency	2026-06-13 16:03:19 (3 days ago)	(wordpress) Failed wordpress login from 196.196.53.132 (LV/Latvia/-)	Brute-Force
🇬🇧 BRHosting	2026-06-13 15:37:04 (3 days ago)	Wordpress brute force attack for login credentials (eg xmlrc.php or wp-login.php)	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-13 14:54:44 (3 days ago)	(wordpress) Failed wordpress login from 196.196.53.132 (LV/Latvia/-)	Brute-Force
Anonymous	2026-06-13 13:54:23 (3 days ago)	Attac	Brute-Force
🇫🇷 Kenshin869	2026-06-13 08:33:48 (3 days ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 knock	2026-06-13 07:07:13 (3 days ago)	Knock-Knock honeypot brute-force: proto8 (2 total hits)	Brute-Force
🇫🇷 francoisunix	2026-06-13 06:28:05 (3 days ago)	196.196.53.132 - - [13/Jun/2026:08:27:03 +0200] "POST /xmlrpc.php HTTP/1.1" 401 422 "-" "Mozilla/5.0 ... show more 196.196.53.132 - - [13/Jun/2026:08:27:03 +0200] "POST /xmlrpc.php HTTP/1.1" 401 422 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "196.196.53.132" "www.eco-conscient.com" sn="www.eco-conscient.com" rt=0.740 ua="unix:/var/run/php/php8.2-fpm.sock" us="401" ut="0.740" ul="427" cs=-cf_country="LV" cf_region="Riga" cf_city="Riga"rip=127.0.0.1 cf_ip=196.196.53.132 xff="196.196.53.132" p_xff="196.196.53.132, 196.196.53.132" 196.196.53.132 - - [13/Jun/2026:08:27:09 +0200] "POST /xmlrpc.php HTTP/1.1" 401 422 "-" "Mozilla/5.0 (Linux; Android 14; SM-S918B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36" "196.196.53.132" "www.eco-conscient.com" sn="www.eco-conscient.com" rt=0.725 ua="unix:/var/run/php/php8.2-fpm.sock" us="401" ut="0.725" ul="427" cs=-cf_country="LV" cf_region="Riga" cf_city="Riga"rip=127.0.0.1 cf_ip=196.196.53.132 xff="196.196.53.132" p_xff="196.196.53.132, 196.196.53.132" 196.196.53.132 ... show less	Web App Attack
Anonymous	2026-06-07 01:46:24 (1 week ago)	Failed Wordpress Logins	Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 19:58:00 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 196.196.53.132 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.196.53.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 15:57:53.310129 2026] [security2:error] [pid 18868:tid 18868] [client 196.196.53.132:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.196.53.132 (+1 hits since last alert)\|local639.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "local639.com"] [uri "/xmlrpc.php"] [unique_id "ah3kQauzBsawgm7-RT-WugAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 185 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2600:100c:a220:f0b6:15b5:aba0:7c7d:c957

🇵🇪 179.6.28.138

🇳🇱 176.65.139.31

🇻🇳 125.253.121.228

🇨🇳 115.190.54.120

🇰🇷 112.167.99.220

🇺🇸 64.62.197.68

🇺🇸 40.124.175.52

🇹🇼 221.120.4.61

🇧🇴 181.115.171.219

🇳🇱 176.65.148.244

🇺🇸 173.255.212.137

🇮🇶 169.224.95.228

🇺🇸 162.216.150.73

🇨🇦 159.203.41.203

🇩🇪 139.19.117.197

🇳🇱 45.148.10.151

🇶🇦 20.173.116.24

🇺🇸 205.209.228.95

🇵🇰 203.81.238.61