JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.196.53.86

196.196.53.86 was found in our database!

This IP was reported 889 times. Confidence of Abuse is 39%: ?

39%

ISP	SA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41564
Domain Name	fibergrid.co.za
Country	🇱🇻 Latvia
City	Riga, Riga

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.196.53.86

Whois 196.196.53.86

IP Abuse Reports for 196.196.53.86:

This IP address has been reported a total of 889 times from 183 distinct sources. 196.196.53.86 was first reported on September 1st 2022, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 05:59:07 (3 hours ago)	(mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 01:58:59.692629 2026] [security2:error] [pid 25185:tid 25185] [client 196.196.53.86:63819] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|www.abundancecompany.com\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "www.abundancecompany.com"] [uri "/license.txt"] [unique_id "aj4VI9Wbt7QUH_ql2BvtJgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 04:42:23 (4 hours ago)	(mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 00:42:16.390291 2026] [security2:error] [pid 3785:tid 3785] [client 196.196.53.86:55641] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|abirdnamedfart.com\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "abirdnamedfart.com"] [uri "/license.txt"] [unique_id "aj4DKPD69_a1pbs-KyF6gwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 02:27:14 (6 hours ago)	(mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 22:27:10.783135 2026] [security2:error] [pid 25772:tid 25772] [client 196.196.53.86:30383] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|aarentes.com\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "aarentes.com"] [uri "/license.txt"] [unique_id "aj3jftvs9AvACTppqCxiuwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 01:36:39 (7 hours ago)	(mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 21:36:36.047858 2026] [security2:error] [pid 4759:tid 4759] [client 196.196.53.86:56487] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|aaabft.com\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "aaabft.com"] [uri "/license.txt"] [unique_id "aj3XpAKj73uKJHQ0sgZ69AAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 01:11:28 (7 hours ago)	(mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210801) triggered by 196.196.53.86 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 21:11:20.610311 2026] [security2:error] [pid 24242:tid 24253] [client 196.196.53.86:60321] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|a2zlns.com\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "a2zlns.com"] [uri "/license.txt"] [unique_id "aj3RuMMF3Fggd-L1BC2TcQAAAIk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Nicolmn	2026-06-09 06:18:35 (2 weeks ago)	Web form spam ( id fm.l )	Web Spam
🇺🇸 nowyouknow	2026-06-09 02:58:50 (2 weeks ago)	(From [email protected]) IMPORTANT MESSAGE! ACT SWIFTLY TO WITHDRAW YOUR 1.3426 BTC https: ... show more (From [email protected]) IMPORTANT MESSAGE! ACT SWIFTLY TO WITHDRAW YOUR 1.3426 BTC https://plu.sh/vb8gf show less	Phishing Web Spam
🇦🇺 oncord	2026-06-09 01:14:00 (2 weeks ago)	Form spam	Web Spam
🇮🇹 sssrit	2026-06-01 05:54:55 (3 weeks ago)	196.196.53.86 - - [01/Jun/2026:07:54:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 476 "-" "Mozilla/5.0 ... show more 196.196.53.86 - - [01/Jun/2026:07:54:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 476 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" 196.196.53.86 - - [01/Jun/2026:07:54:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 476 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" 196.196.53.86 - - [01/Jun/2026:07:54:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 476 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" ... show less	Web App Attack
🇬🇧 consul.to	2026-05-28 15:27:34 (4 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-26 11:51:15 (4 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 spamblock	2026-05-23 19:10:11 (1 month ago)	Form submission marked as spam by user kp_5c0ee70aeaa549a688d216157c75b565 for form DmaWwxUGo9T7	Port Scan
🇦🇺 oncord	2026-05-22 12:31:37 (1 month ago)	Form spam	Web Spam
🇮🇹 Progetto1	2026-05-22 11:40:03 (1 month ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇬🇧 consul.to	2026-05-14 06:09:15 (1 month ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 889 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 195.140.214.29

🇬🇧 31.14.254.82

🇺🇸 198.2.182.222

🇭🇰 194.187.178.190

🇷🇺 176.112.128.143

🇳🇱 176.65.148.156

🇨🇳 175.178.58.190

🇭🇰 101.36.111.155

🇺🇸 54.89.101.141

🇪🇸 208.76.222.136

🇬🇧 195.140.214.25

🇺🇸 172.234.200.228

🇨🇳 157.156.242.184

🇺🇸 65.49.1.158

🇮🇳 45.10.194.247

🇸🇬 8.219.165.42

🇨🇿 194.145.183.60

🇲🇴 182.93.50.90

🇳🇱 176.65.148.197

🇺🇸 162.216.150.214