JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 196.245.54.142

196.245.54.142 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 68%: ?

68%

ISP	SA
Usage Type	Data Center/Web Hosting/Transit
ASN	AS58065
Domain Name	fibergrid.co.za
Country	🇪🇸 Spain
City	Valencia, Valencia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 196.245.54.142

Whois 196.245.54.142

IP Abuse Reports for 196.245.54.142:

This IP address has been reported a total of 30 times from 15 distinct sources. 196.245.54.142 was first reported on September 18th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-25 02:50:40 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 196.245.54.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.245.54.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 22:50:37.410159 2026] [security2:error] [pid 1155:tid 1262] [client 196.245.54.142:60837] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.245.54.142 (+1 hits since last alert)\|www.gilesrentalcars.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.gilesrentalcars.com"] [uri "/xmlrpc.php"] [unique_id "ajyXfVa-ZTxis9E9C_vsMwAAARI"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 librebit	2026-06-25 02:33:42 (1 day ago)	Brute force	Brute-Force
🇩🇪 Nerdscave Hosting	2026-06-25 02:01:20 (1 day ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 masterguru	2026-06-25 01:47:05 (1 day ago)	(XMLRPC) WP XMLPRC Attack 196.245.54.142 (ES/Spain/-): 10 in the last 3600 secs (0-173)	Hacking
Anonymous	2026-06-25 01:22:13 (1 day ago)	Failed Wordpress Logins	Web App Attack
🇫🇷 dynamix	2026-06-25 00:08:28 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇦🇺 paulshipley.com.au	2026-06-24 23:51:09 (1 day ago)	[Thu Jun 25 09:51:06.569247 2026] [security2:error] [pid 452533] [client 196.245.54.142:34925] [clie ... show more [Thu Jun 25 09:51:06.569247 2026] [security2:error] [pid 452533] [client 196.245.54.142:34925] [client 196.245.54.142] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "dance4fitness.com.au"] [uri "/xmlrpc.php"] [unique_id "ajxtaqn4kckngiIalvF9nQAAAAQ"] ... show less	Web App Attack
🇧🇪 taivas.nl	2026-06-24 23:32:17 (1 day ago)	Wordpress_login_attempts	Bad Web Bot
🇨🇦 KIsmay	2026-06-24 23:21:30 (1 day ago)	Jun 24 19:20:49 www4 WPAudit[3082665]: 196.245.54.142 lemoncreekcampground.ca "Mozilla/5.0 (Windows ... show more Jun 24 19:20:49 www4 WPAudit[3082665]: 196.245.54.142 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" sbd-admin:123456a FAIL Jun 24 19:20:51 www4 WPAudit[3082665]: 196.245.54.142 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" sbd-admin:123654 FAIL Jun 24 19:20:55 www4 WPAudit[3082661]: 196.245.54.142 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" sbd-admin:Welcome123 FAIL Jun 24 19:21:23 www4 WPAudit[3082665]: 196.245.54.142 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" sbd-admin:doudou FAIL Jun 24 19:21:29 www4 WPAudit[3082664]: 196.245.54.142 lemoncreekcampground.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 23:01:54 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 196.245.54.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 196.245.54.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 19:01:50.611466 2026] [security2:error] [pid 27684:tid 27684] [client 196.245.54.142:40963] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 196.245.54.142 (+1 hits since last alert)\|www.gasoilliquidsdaily.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.gasoilliquidsdaily.com"] [uri "/xmlrpc.php"] [unique_id "ajxh3tGD38UObHJhs5jl4QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-21 18:12:36 (4 days ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 joharikop	2026-06-08 08:33:33 (2 weeks ago)	Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-cred ... show more Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-credential-probes jail. show less	Web App Attack
🇫🇷 masterguru	2026-06-04 02:40:13 (3 weeks ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 196.245.54.142 (ES/Spain/-): 1 in the last 360 ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 196.245.54.142 (ES/Spain/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇬🇧 consul.to	2026-05-26 15:15:30 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-17 06:11:10 (1 month ago)	Web attack/malicious scanning detected	Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.154

🇸🇬 185.200.116.38

🇫🇷 185.177.72.68

🇺🇸 136.119.22.247

🇳🇱 23.109.177.215

🇮🇱 2.55.122.202

🇱🇰 220.247.224.226

🇺🇸 216.25.89.147

🇰🇷 124.153.189.92

🇺🇸 65.49.20.83

🇺🇸 52.224.242.102

🇮🇶 198.160.166.166

🇧🇷 186.204.58.11

🇺🇸 147.185.132.175

🇺🇸 136.144.35.61

🇺🇸 66.132.172.120

🇺🇸 45.45.237.97

🇯🇵 43.163.234.162

🇬🇧 217.154.38.181

🇺🇸 136.114.174.63