JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.53.148.251

194.53.148.251 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 43%: ?

43%

ISP	Pablo Sarria Perez
Usage Type	Data Center/Web Hosting/Transit
ASN	AS210181
Hostname(s)	web6.open6hosting.com
Domain Name	open6hosting.com
Country	🇪🇸 Spain
City	Sarria, Galicia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.53.148.251

Whois 194.53.148.251

IP Abuse Reports for 194.53.148.251:

This IP address has been reported a total of 22 times from 10 distinct sources. 194.53.148.251 was first reported on February 22nd 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 18:31:05 (5 days ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:31:00.321723 2026] [security2:error] [pid 18679:tid 18679] [client 194.53.148.251:54623] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.smilingorc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.smilingorc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajBE5PAyYcpYeDq3ncVKMQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 20:31:36 (6 days ago)	[redacted] 194.53.148.251 - - [14/Jun/2026:22:31:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" " ... show more [redacted] 194.53.148.251 - - [14/Jun/2026:22:31:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" [redacted] 194.53.148.251 - - [14/Jun/2026:22:31:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" [redacted] 194.53.148.251 - - [14/Jun/2026:22:31:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:43.0) Gecko/20100101 Firefox/43.0" [redacted] 194.53.148.251 - - [14/Jun/2026:22:31:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0" [redacted] 194.53.148.251 - - [14/Jun/2026:22:31:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:50.0) Gecko/20100101 Firefox/50.0" apoll ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 14:57:32 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 10:57:28.552489 2026] [security2:error] [pid 31025:tid 31025] [client 194.53.148.251:64856] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.paulsingdahlsen.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.paulsingdahlsen.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai7BWFYSB03sT5fmNZTZBAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 22:01:45 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 18:01:40.093691 2026] [security2:error] [pid 17082:tid 17082] [client 194.53.148.251:65337] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rambleandprose.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rambleandprose.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai3TRNx-9PIK4rlVyXScZQAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 19:32:44 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 15:32:37.700207 2026] [security2:error] [pid 4082:tid 4082] [client 194.53.148.251:37278] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.jacquelineperriam.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.jacquelineperriam.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai2wVRyflcmQN7rMmJWtSAAAAGE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 18:02:14 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 14:02:07.751407 2026] [security2:error] [pid 27460:tid 27464] [client 194.53.148.251:59487] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gabegabel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gabegabel.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai2bH6NEVDi6ucFEXiZdawAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 10:26:16 (1 week ago)	(XMLRPC) WP XMLPRC Attack 194.53.148.251 (ES/Spain/web6.open6hosting.com): 5 in the last 3600 secs; ... show more (XMLRPC) WP XMLPRC Attack 194.53.148.251 (ES/Spain/web6.open6hosting.com): 5 in the last 3600 secs; Ports: *; Direction: 1 show less	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-07 20:55:19 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 16:55:13.708059 2026] [security2:error] [pid 11704:tid 11704] [client 194.53.148.251:53579] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|allfloridamedia.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "allfloridamedia.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiXasXGEtFCR2V7EvXHRDwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 16:14:05 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:13:59.714723 2026] [security2:error] [pid 23502:tid 23502] [client 194.53.148.251:58011] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|altoshp.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "altoshp.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiWYxxp9ZcTLsGm5jmKA9gAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 13:57:49 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 09:57:45.798236 2026] [security2:error] [pid 7908:tid 7908] [client 194.53.148.251:35762] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.americanureport.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.americanureport.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiV42RG41hQhmJD81tCyhAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 06:52:04 (1 week ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, GET /author/admin/ HTTP/1.1, GET ... show more Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, GET /author/admin/ HTTP/1.1, GET /?author=1 HTTP/1.1, POST /wp-login.php HTTP/1.1, GET /?author=3 HTTP/1.1, GET /?author=2 HTTP/1.1, GET / HTTP/1.1 show less	Hacking Web App Attack
🇩🇪 rh24	2026-06-07 06:37:25 (1 week ago)	(wordpress-user-enum) Failed wordpress-user-enum trigger from 194.53.148.251 (ES/Spain/web6.open6hos ... show more (wordpress-user-enum) Failed wordpress-user-enum trigger from 194.53.148.251 (ES/Spain/web6.open6hosting.com): (CF_ENABLE) show less	Brute-Force
🇧🇷 Halux	2026-06-06 01:56:00 (2 weeks ago)	194.53.148.251 Web Application Firewall multiple violations	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 14:44:39 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 10:44:31.511177 2026] [security2:error] [pid 29869:tid 29892] [client 194.53.148.251:55065] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.campingcosmetics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.campingcosmetics.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiLgz_UXnjPody_N2fRSLAAAAZM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-17 16:22:58 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in th ... show more (mod_security) mod_security (id:225170) triggered by 194.53.148.251 (web6.open6hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 17 12:22:54.923761 2026] [security2:error] [pid 16257:tid 16257] [client 194.53.148.251:57266] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.travelwithjenniferb.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.travelwithjenniferb.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agnrXucBMLgO8RE2Pn2KsAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 157.245.148.13

🇮🇳 143.110.251.21

🇹🇷 131.222.252.182

🇮🇳 103.54.101.248

🇩🇪 69.5.169.144

🇹🇷 31.145.131.202

🇬🇧 5.226.140.98

🇨🇳 223.241.247.227

🇬🇧 217.146.80.108

🇺🇸 195.184.76.234

🇧🇷 191.37.21.77

🇨🇳 180.153.236.76

🇨🇱 179.57.170.71

🇺🇸 173.70.13.159

🇺🇸 162.216.150.77

🇳🇱 160.119.69.16

🇬🇧 118.26.104.212

🇨🇳 112.109.162.191

🇩🇪 79.110.62.71

🇩🇪 69.5.169.249