JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 195.242.212.198

195.242.212.198 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 35%: ?

35%

ISP	M247 LTD Chicago Infrastructure
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Hostname(s)	no-rdns-yet.ohtele.com
Domain Name	m247.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 195.242.212.198

Whois 195.242.212.198

IP Abuse Reports for 195.242.212.198:

This IP address has been reported a total of 142 times from 50 distinct sources. 195.242.212.198 was first reported on August 5th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 wristhulk	2026-06-17 21:40:32 (1 week ago)	Honeypot: VNC brute-force on OpenCanary honeypot (port 5900). Password not in common list (custom wo ... show more Honeypot: VNC brute-force on OpenCanary honeypot (port 5900). Password not in common list (custom wordlist). show less	Brute-Force
🇺🇸 sargetun	2026-06-17 10:35:32 (1 week ago)	Honeypot: Auto-ban: 24 hour idle after honeypot interaction. Auto-reported from VPS honeypot.	Brute-Force SSH Hacking
🇺🇸 wristhulk	2026-06-16 10:33:27 (2 weeks ago)	Honeypot: VNC brute-force on OpenCanary honeypot (port 5900). Password not in common list (custom wo ... show more Honeypot: VNC brute-force on OpenCanary honeypot (port 5900). Password not in common list (custom wordlist). show less	Brute-Force
🇺🇸 sargetun	2026-06-16 10:31:00 (2 weeks ago)	Honeypot: VNC probe on port 5900 at 2026-06-16 10:29:39.295299. Automated report from VPS honeypot.	Port Scan
🇺🇦 URAN Publishing Service	2026-06-14 15:42:07 (2 weeks ago)	195.242.212.198 - - [14/Jun/2026:18:42:06 +0300] "GET /wp-content/plugins/ckeditor-for-wordpress/fil ... show more 195.242.212.198 - - [14/Jun/2026:18:42:06 +0300] "GET /wp-content/plugins/ckeditor-for-wordpress/filemanager/browser/default/browser.html HTTP/1.1" 404 762 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-14 11:48:09 (2 weeks ago)	195.242.212.198 - - [14/Jun/2026:14:48:08 +0300] "GET /wp-content/plugins/ckeditor/filemanager/brows ... show more 195.242.212.198 - - [14/Jun/2026:14:48:08 +0300] "GET /wp-content/plugins/ckeditor/filemanager/browser/default/browser.html HTTP/1.1" 404 764 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-14 00:02:09 (2 weeks ago)	195.242.212.198 - - [14/Jun/2026:03:02:06 +0300] "GET /wp-admin/ckeditor/filemanager/browser/default ... show more 195.242.212.198 - - [14/Jun/2026:03:02:06 +0300] "GET /wp-admin/ckeditor/filemanager/browser/default/browser.html HTTP/1.1" 404 3368 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" 195.242.212.198 - - [14/Jun/2026:03:02:07 +0300] "GET /wp-content/plugins/fckeditor-for-wordpress-plugin/filemanager/browser/mcpuk/browser.html HTTP/1.1" 404 791 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" ... show less	Web App Attack
🇫🇷 Donovan	2026-06-13 19:14:31 (2 weeks ago)	Web scan/exploit blocked by fail2ban on commitshift.fr - jail: npm-scan - 1 attempt(s)	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-11 21:27:08 (2 weeks ago)	195.242.212.198 - - [12/Jun/2026:00:27:07 +0300] "GET /wp-content/plugins/fckeditor/filemanager/brow ... show more 195.242.212.198 - - [12/Jun/2026:00:27:07 +0300] "GET /wp-content/plugins/fckeditor/filemanager/browser/default/browser.html HTTP/1.1" 404 783 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" 195.242.212.198 - - [12/Jun/2026:00:27:07 +0300] "GET /wp-includes/ckeditor/filemanager/browser/default/browser.html HTTP/1.1" 404 783 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)" ... show less	Web App Attack
🇷🇸 Smel	2026-06-09 15:04:30 (3 weeks ago)	Mail/25/465/587-993/995 Probe, Reject, BadAuth, Hack, SPAM -	Email Spam Hacking Brute-Force
🇺🇸 TPI-Abuse	2026-05-18 20:44:19 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 195.242.212.198 (no-rdns-yet.ohtele.com): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 195.242.212.198 (no-rdns-yet.ohtele.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 16:44:15.712283 2026] [security2:error] [pid 13060:tid 13060] [client 195.242.212.198:39686] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 195.242.212.198 (+1 hits since last alert)\|femalegamblers.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "femalegamblers.org"] [uri "/xmlrpc.php"] [unique_id "agt6H3v1IIjTtPbUxjToNAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-18 20:41:47 (1 month ago)	(xmlrpc) Failed wordpress XMLRPC 195.242.212.198 (US/United States/no-rdns-yet.ohtele.com)	Brute-Force
🇦🇺 AWW-Admin	2026-05-05 08:09:55 (1 month ago)	(wordpress) Failed wordpress login from 195.242.212.198 (US/United States/no-rdns-yet.ohtele.com)	Brute-Force
🇳🇱 wlt-blocker	2026-05-04 08:03:09 (1 month ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 rsiddall	2026-05-04 04:33:25 (1 month ago)	195.242.212.198 - - [04/May/2026:00:33:15 -0400] "POST /wp-login.php HTTP/1.1" 301 249 "https://matt ... show more 195.242.212.198 - - [04/May/2026:00:33:15 -0400] "POST /wp-login.php HTTP/1.1" 301 249 "https://mattdeandrea.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64; rv:119.0) Gecko/20100101 Firefox/119.0" 195.242.212.198 - - [04/May/2026:00:33:17 -0400] "POST /wp-login.php HTTP/1.1" 301 249 "https://mattdeandrea.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Safari/605.1.15" 195.242.212.198 - - [04/May/2026:00:33:19 -0400] "POST /wp-login.php HTTP/1.1" 301 249 "https://mattdeandrea.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 195.242.212.198 - - [04/May/2026:00:33:21 -0400] "POST /wp-login.php HTTP/1.1" 301 249 "https://mattdeandrea.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 195.242.212.198 - - [04/May/2026:00:33:22 -0400] "POST /wp-login.php HTTP/1. ... show less	Brute-Force

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.128.152.105

🇲🇾 183.171.41.105

🇳🇱 91.92.40.10

🇳🇱 77.90.63.252

🇳🇱 45.148.10.147

🇹🇿 41.93.82.194

🇨🇳 14.144.13.93

🇧🇷 205.210.31.129

🇧🇷 200.215.160.168

🇧🇷 187.108.1.135

🇰🇷 182.31.36.218

🇮🇹 151.60.88.74

🇨🇳 120.239.34.150

🇻🇳 113.160.82.122

🇺🇸 35.172.228.208

🇨🇳 1.14.28.29

🇬🇧 193.163.125.192

🇳🇱 176.65.148.156

🇭🇰 165.154.6.75

🇩🇪 159.195.70.243