JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.5.48.212

194.5.48.212 was found in our database!

This IP was reported 73 times. Confidence of Abuse is 32%: ?

32%

ISP	VPN Consumer Tokyo, Japan
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.5.48.212

Whois 194.5.48.212

IP Abuse Reports for 194.5.48.212:

This IP address has been reported a total of 73 times from 42 distinct sources. 194.5.48.212 was first reported on December 6th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-11 21:23:31 (2 days ago)	[ThuJun1123:23:26.1935562026][security2:error][pid2647252:tid2647321][client194.5.48.212:0]ModSecuri ... show more [ThuJun1123:23:26.1935562026][security2:error][pid2647252:tid2647321][client194.5.48.212:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"respiratrentino.it\"][uri\"/xmlrpc.php\"][unique_id\"aisnTojQCjIFbtmSyBV5lAAAAIQ\"] show less	Port Scan Brute-Force Web App Attack
🇮🇹 VHosting	2026-06-11 12:00:05 (3 days ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇨🇭 4server	2026-06-05 01:32:27 (1 week ago)	[FriJun0503:32:22.7919972026][security2:error][pid2720589:tid2720872][client194.5.48.212:0]ModSecuri ... show more [FriJun0503:32:22.7919972026][security2:error][pid2720589:tid2720872][client194.5.48.212:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"xn--tirascarph-ieb.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiInJog4jEEVBk08skHm3gAAAEs\"] show less	Hacking Web App Attack
Anonymous	2026-06-02 03:11:33 (1 week ago)	Improper access to WordPress XML-RPC	Web App Attack
🇨🇭 4server	2026-06-01 17:53:22 (1 week ago)	[MonJun0119:53:17.2651092026][security2:error][pid1780902:tid1781130][client194.5.48.212:0]ModSecuri ... show more [MonJun0119:53:17.2651092026][security2:error][pid1780902:tid1781130][client194.5.48.212:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"xn--tirascarph-ieb.ch\"][uri\"/xmlrpc.php\"][unique_id\"ah3HDWPMs9DgxptJ5vw5UAAAAQc\"] show less	Hacking Web App Attack
🇺🇸 WeekendWeb	2026-05-05 23:13:34 (1 month ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 xmission.com	2026-05-05 01:35:29 (1 month ago)	194.5.48.212 - - [04/May/2026:19:35:28 -0600] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/5.0 ( ... show more 194.5.48.212 - - [04/May/2026:19:35:28 -0600] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-04 19:59:45 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 194.5.48.212 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 194.5.48.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 04 15:59:40.667962 2026] [security2:error] [pid 17245:tid 17268] [client 194.5.48.212:40135] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 194.5.48.212 (+1 hits since last alert)\|peterhansenranch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "peterhansenranch.com"] [uri "/xmlrpc.php"] [unique_id "afj6rFZqA9KZLRfaHpdBmgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 kjaerulff	2026-04-19 21:22:06 (1 month ago)	Failed Wordpress login using xmlrpc.php	Web App Attack
🇧🇪 taivas.nl	2026-03-24 05:32:29 (2 months ago)	Many_bad_calls	Web App Attack
🇧🇪 cmbplf	2026-03-24 01:30:19 (2 months ago)	366 requests with url.path */wp-includes/wlwmanifest.xml	Brute-Force Bad Web Bot
🇧🇪 taivas.nl	2026-03-23 23:02:11 (2 months ago)	Bad_requests	Bad Web Bot
🇦🇺 Anytech	2026-03-23 09:57:48 (2 months ago)	Blocked by conn-monitor: Rule wordpress-sensitive-file-probe: Detect probing for sensitive WordPress ... show more Blocked by conn-monitor: Rule wordpress-sensitive-file-probe: Detect probing for sensitive WordPress files like wp-includes/ID3/license.txt, often indicative of reconnaissance. (1 hits) show less	DDoS Attack Web App Attack
🇯🇵 ki3	2026-03-18 06:11:04 (2 months ago)	Fail2Ban: Web App Attacks and Forum Spam 194.5.48.212 1773814264.0(JST)	Web Spam Bad Web Bot Web App Attack
🇺🇸 chronos	2026-03-18 05:27:39 (2 months ago)	[AUTORAVALT][[18/03/2026 - 02:27:39 -03:00 UTC] Attack from [194.5.48.212] Action: BLocKed Hacking. ... show more [AUTORAVALT][[18/03/2026 - 02:27:39 -03:00 UTC] Attack from [194.5.48.212] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software plugins/solutions. ] ... show less	Hacking Web App Attack

Showing 1 to 15 of 73 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:80d:1007::c7

🇫🇷 185.177.72.30

🇭🇰 152.32.213.68

🇵🇰 116.58.19.194

🇳🇱 91.92.42.170

🇺🇸 23.101.116.84

🇺🇸 3.141.106.66

🇨🇳 223.85.54.40

🇦🇷 170.210.136.58

🇧🇩 161.248.189.72

🇨🇳 124.221.121.14

🇻🇳 112.137.143.2

🇭🇰 103.20.223.56

🇬🇧 89.37.172.150

🇩🇪 47.245.136.243

🇺🇸 34.22.42.126

🇺🇸 3.135.208.124

🇨🇳 222.190.110.210

🇭🇰 199.45.154.189

🇺🇸 165.154.36.113