JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.196.5.29

112.196.5.29 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 71%: ?

71%

ISP	Patiala
Usage Type	Fixed Line ISP
ASN	AS17917
Domain Name	infotelconnect.com
Country	🇮🇳 India
City	Ludhiana, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.196.5.29

Whois 112.196.5.29

IP Abuse Reports for 112.196.5.29:

This IP address has been reported a total of 38 times from 22 distinct sources. 112.196.5.29 was first reported on April 2nd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Mangelot Hosting	2026-06-09 05:00:30 (1 day ago)	(wp_login_try) srv101 WP Login Attempt 112.196.5.29 (IN/India/-): 10 in the last 3600 secs; Ports: * ... show more (wp_login_try) srv101 WP Login Attempt 112.196.5.29 (IN/India/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 00:24:03 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 112.196.5.29 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 112.196.5.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 20:23:54.402070 2026] [security2:error] [pid 11148:tid 11148] [client 112.196.5.29:56342] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.rimaine.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rimaine.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aiddGgKP3-MobjP5VpFVgwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-06-08 21:14:45 (2 days ago)	10 attempts against mh-misc-ban on plum	Web App Attack
🇳🇱 Mangelot Hosting	2026-06-08 16:30:11 (2 days ago)	(wp_login_try) srv103 WP Login Attempt 112.196.5.29 (IN/India/-): 10 in the last 3600 secs; Ports: * ... show more (wp_login_try) srv103 WP Login Attempt 112.196.5.29 (IN/India/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 Dolphi	2026-06-08 06:00:11 (2 days ago)	Excessive POST /wp-login.php requests	Brute-Force Web App Attack
Anonymous	2026-06-07 00:49:44 (3 days ago)	[redacted] 112.196.5.29 - - [07/Jun/2026:02:49:41 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mo ... show more [redacted] 112.196.5.29 - - [07/Jun/2026:02:49:41 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" [redacted] 112.196.5.29 - - [07/Jun/2026:02:49:41 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:43.0) Gecko/20100101 Firefox/43.0" [redacted] 112.196.5.29 - - [07/Jun/2026:02:49:43 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0" [redacted] 112.196.5.29 - - [07/Jun/2026:02:49:44 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0" [redacted] 112.196.5.29 - - [07/Jun/2026:02:49:44 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0" ... show less	Hacking Web App Attack
Anonymous	2026-06-04 20:20:21 (6 days ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-02 22:46:06 (1 week ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-28 13:46:12 (1 week ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-25 20:46:25 (2 weeks ago)	Failed Wordpress Logins	Web App Attack
🇹🇭 thaizone.com	2026-05-25 19:26:29 (2 weeks ago)	Brute-forcing login against websites (D1-1) #1	Web App Attack Hacking
Anonymous	2026-05-24 12:46:09 (2 weeks ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-05-23 02:48:56 (2 weeks ago)	Failed Wordpress Logins	Web App Attack
🇫🇷 dynamix	2026-05-21 03:33:08 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 21:24:08 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 112.196.5.29 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 112.196.5.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:24:02.609590 2026] [security2:error] [pid 31690:tid 31690] [client 112.196.5.29:35404] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jfexpressfr8.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jfexpressfr8.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag4mcmJgGMmW10eSaE7jhwAAAC0"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 217.145.72.199

🇺🇸 172.217.46.145

🇮🇳 128.185.33.241

🇺🇸 66.132.172.41

🇺🇸 209.126.83.166

🇨🇳 180.100.198.68

🇫🇷 173.249.52.138

🇺🇸 172.236.228.222

🇧🇪 158.173.67.202

🇧🇪 158.173.67.197

🇭🇰 103.218.2.156

🇳🇬 102.91.133.207

🇰🇷 222.110.147.58

🇨🇳 183.185.110.224

🇺🇸 134.209.120.216

🇨🇳 120.224.172.222

🇭🇰 101.36.106.134

🇫🇮 83.97.118.252

🇫🇷 69.62.105.123

🇬🇧 35.203.211.111