JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.245.54.130

196.245.54.130 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 59%: ?

59%

ISP	SA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58065
Domain Name	fibergrid.co.za
Country	🇪🇸 Spain
City	Valencia, Valencia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.245.54.130

Whois 196.245.54.130

IP Abuse Reports for 196.245.54.130:

This IP address has been reported a total of 23 times from 13 distinct sources. 196.245.54.130 was first reported on July 13th 2025, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-25 02:51:00 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 196.245.54.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.245.54.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 22:50:53.946812 2026] [security2:error] [pid 1153:tid 1259] [client 196.245.54.130:31757] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.245.54.130 (+1 hits since last alert)\|www.gilesrentalcars.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.gilesrentalcars.com"] [uri "/xmlrpc.php"] [unique_id "ajyXjW0IlBVWiZrRCQbPnwAAAJI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 pscriptos	2026-06-25 02:20:40 (4 hours ago)	{"ClientAddr":"196.245.54.130:63169","ClientHost":"196.245.54.130","ClientPort":"63169","ClientUsern ... show more {"ClientAddr":"196.245.54.130:63169","ClientHost":"196.245.54.130","ClientPort":"63169","ClientUsername":"-","DownstreamContentSize":418,"DownstreamStatus":403,"Duration":122362045,"OriginContentSize":418,"OriginDuration":119335431,"OriginStatus":403,"Overhead":3026614,"RequestAddr":"www.cleveradmin.de","RequestContentSize":294,"RequestCount":1367903,"RequestHost":"www.cleveradmin.de","RequestMethod":"POST","RequestPath":"/xmlrpc.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"RouterName":"cleveradmin-www-websecure@file","ServiceAddr":"172.16.80.10:80","ServiceName":"cleveradmin-www@file","ServiceURL":"http://172.16.80.10:80","StartLocal":"2026-06-25T04:20:34.027574658+02:00","StartUTC":"2026-06-25T02:20:34.027574658Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"websecure","level":"info","msg":"","time":"2026-06-25T04:20:34+02:00"} {"ClientAddr":"196.245.54.130:58523","ClientHost":"196.245.54.130","ClientPort" ... show less	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-25 01:50:22 (5 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 masterguru	2026-06-25 01:45:45 (5 hours ago)	(XMLRPC) WP XMLPRC Attack 196.245.54.130 (ES/Spain/-): 10 in the last 3600 secs (0-173)	Hacking
🇫🇷 SpaceHost-Server	2026-06-25 00:38:44 (6 hours ago)	196.245.54.130 - - [25/Jun/2026:02:38:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6358 "-" "Mozilla/5. ... show more 196.245.54.130 - - [25/Jun/2026:02:38:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6358 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" 196.245.54.130 - - [25/Jun/2026:02:38:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6358 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" 196.245.54.130 - - [25/Jun/2026:02:38:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6358 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇦🇺 paulshipley.com.au	2026-06-24 23:51:09 (7 hours ago)	[Thu Jun 25 09:51:06.558055 2026] [security2:error] [pid 453398] [client 196.245.54.130:55627] [clie ... show more [Thu Jun 25 09:51:06.558055 2026] [security2:error] [pid 453398] [client 196.245.54.130:55627] [client 196.245.54.130] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "dance4fitness.com.au"] [uri "/xmlrpc.php"] [unique_id "ajxtah0OcWVO2ZSWH3J7GAAAAAI"] ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 23:32:31 (7 hours ago)	(mod_security) mod_security (id:240335) triggered by 196.245.54.130 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.245.54.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 19:32:25.919217 2026] [security2:error] [pid 10183:tid 10187] [client 196.245.54.130:27709] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.245.54.130 (+1 hits since last alert)\|minutosrobados.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "minutosrobados.com"] [uri "/xmlrpc.php"] [unique_id "ajxpCcjIMjCNKAZioDThhAAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 taivas.nl	2026-06-24 23:32:13 (7 hours ago)	Wordpress_login_attempts	Bad Web Bot
🇨🇦 KIsmay	2026-06-24 23:21:29 (7 hours ago)	Jun 24 19:20:38 www4 WPAudit[3082661]: 196.245.54.130 lemoncreekcampground.ca "Mozilla/5.0 (Windows ... show more Jun 24 19:20:38 www4 WPAudit[3082661]: 196.245.54.130 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" sbd-admin:Qwerty1! FAIL Jun 24 19:20:44 www4 WPAudit[3082661]: 196.245.54.130 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" sbd-admin:11111111 FAIL Jun 24 19:20:50 www4 WPAudit[3082666]: 196.245.54.130 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" sbd-admin:qwer1234 FAIL Jun 24 19:21:18 www4 WPAudit[3082666]: 196.245.54.130 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" sbd-admin:1234asdf FAIL Jun 24 19:21:28 www4 WPAudit[3082661]: 196.245.54.130 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537 ... show less	Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-07 12:19:59 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-15 01:41:47 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-09 04:07:54 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-02 00:47:17 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-04-30 01:45:57 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-04-20 04:40:43 (2 months ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 150.136.214.177

🇺🇸 47.89.187.129

🇨🇳 221.208.30.130

🇧🇷 205.210.31.149

🇮🇩 180.254.105.49

🇺🇸 162.216.149.96

🇰🇷 121.179.93.147

🇰🇷 121.161.242.168

🇳🇱 91.92.40.8

🇺🇸 71.6.239.130

🇺🇸 64.62.156.148

🇸🇨 45.194.67.29

🇨🇦 20.63.68.41

🇨🇦 20.63.8.12

🇨🇳 8.141.62.240

🇧🇷 200.131.5.202

🇺🇸 172.232.8.247

🇺🇸 158.94.187.95

🇨🇳 115.53.96.244

🇨🇳 111.57.17.167