JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.244.192.46

196.244.192.46 was found in our database!

This IP was reported 706 times. Confidence of Abuse is 20%: ?

20%

ISP	SA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58065
Domain Name	fibergrid.co.za
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.244.192.46

Whois 196.244.192.46

IP Abuse Reports for 196.244.192.46:

This IP address has been reported a total of 706 times from 188 distinct sources. 196.244.192.46 was first reported on December 23rd 2020, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 VHosting	2026-05-12 11:05:03 (3 weeks ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 mnsf	2026-05-12 10:05:05 (3 weeks ago)	Too many Status 40X (11)	Brute-Force Web App Attack
Anonymous	2026-04-26 22:05:13 (1 month ago)	(wordpress) Failed wordpress login from 196.244.192.46 (FI/Finland/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-04-15 22:46:41 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 196.244.192.46 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 196.244.192.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 18:46:34.042440 2026] [security2:error] [pid 702926:tid 702926] [client 196.244.192.46:32221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|edgecomix.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "edgecomix.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeAVSnxoQmwPGnxaodVKkAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-04-15 21:36:35 (1 month ago)	(wordpress) Failed wordpress login from 196.244.192.46 (FI/Finland/Uusimaa/Helsinki/-/[redacted]): ... show more (wordpress) Failed wordpress login from 196.244.192.46 (FI/Finland/Uusimaa/Helsinki/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-03-09 02:59:15 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 196.244.192.46 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 196.244.192.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 08 22:59:10.120328 2026] [security2:error] [pid 5285:tid 5285] [client 196.244.192.46:37271] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|jussetcotradinglimited.co\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jussetcotradinglimited.co"] [uri "/restore/mysql.sql"] [unique_id "aa43forZMwYGoZZ5WUjfNQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 xyz.rip	2026-02-24 22:11:31 (3 months ago)	WAF Violation ...	Hacking Web App Attack
🇫🇮 gnom4ik	2026-02-22 03:51:09 (3 months ago)	ban-reviewer auto report; ip=196.244.192.46; scenario=http:scan; verdict=valid_ban; confidence=0.90; ... show more ban-reviewer auto report; ip=196.244.192.46; scenario=http:scan; verdict=valid_ban; confidence=0.90; categories=14,15,18,22; active_decisions=1; lookback_decisions=1; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=scan/exploit pattern detected (http:scan scenario); ip has been banned previously (ip_active_decisions_total: 1); abuseipdb categories match scan/attack patterns (Port Scan, Hacking, Brute-Force, SSH) show less	Port Scan Hacking Brute-Force SSH
🇺🇸 TPI-Abuse	2026-02-13 05:54:44 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 196.244.192.46 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 196.244.192.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:54:40.097700 2026] [security2:error] [pid 23496:tid 23496] [client 196.244.192.46:48477] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bitcoinsquaretrade.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinsquaretrade.com"] [uri "/back/mysql.sql"] [unique_id "aY68oI3620NbxrY0sh7ZAgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-10 06:05:58 (3 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 conseilgouz	2026-02-10 05:30:04 (3 months ago)	vee-7 : Trying access unauthorized files/dir=>/wp-includes/css/dist/	Hacking
🇸🇬 Cloudkul Cloudkul	2026-02-10 04:52:08 (3 months ago)	Attempted Not Found (404 status code) requests on our application, more than 30% of their total requ ... show more Attempted Not Found (404 status code) requests on our application, more than 30% of their total requests. show less	Brute-Force Web App Attack
🇯🇵 S.O.B.A. Dev.	2026-02-09 07:39:04 (3 months ago)	Web vulnerability scanning	Web Spam Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-08 10:30:09 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 196.244.192.46 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 196.244.192.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 05:30:00.557747 2026] [security2:error] [pid 1202:tid 1202] [client 196.244.192.46:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kryptonome.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kryptonome.com"] [uri "/bak/sql.sql"] [unique_id "aYhlqEzA_oHiP3KdHoJD5QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Penny Packer	2026-02-06 11:33:00 (3 months ago)	Fail2Ban apache-tripwires	Web App Attack

Showing 1 to 15 of 706 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.93

🇫🇷 163.172.143.147

🇨🇳 106.13.107.71

🇫🇷 51.255.131.231

🇺🇸 20.84.145.62

🇺🇦 185.17.125.68

🇧🇴 181.188.176.242

🇵🇱 178.219.98.126

🇩🇪 167.94.146.55

🇺🇸 162.216.149.72

🇵🇰 153.117.8.174

🇮🇩 125.166.13.201

🇭🇰 123.58.213.128

🇨🇳 118.145.238.115

🇭🇰 118.26.39.231

🇵🇹 109.50.185.153

🇨🇳 106.12.148.154

🇺🇸 66.69.46.244

🇨🇳 14.103.34.138

🇮🇹 217.26.179.91