JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 49.12.228.193

49.12.228.193 was found in our database!

This IP was reported 161 times. Confidence of Abuse is 100%: ?

100%

ISP	Hetzner Online GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS24940
Hostname(s)	static.193.228.12.49.clients.your-server.de
Domain Name	hetzner.com
Country	🇩🇪 Germany
City	Nuremberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 49.12.228.193

Whois 49.12.228.193

IP Abuse Reports for 49.12.228.193:

This IP address has been reported a total of 161 times from 76 distinct sources. 49.12.228.193 was first reported on May 19th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-10 14:46:16 (5 days ago)	Failed Wordpress Logins	Web App Attack
🇲🇽 octageeks.com	2026-06-02 04:06:34 (2 weeks ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇫🇷 SpaceHost-Server	2026-06-01 22:35:12 (2 weeks ago)		Brute-Force Web App Attack
🇩🇪 DocNetzwerk	2026-06-01 17:16:42 (2 weeks ago)	(wordpress) Failed wordpress login from 49.12.228.193 (DE/Germany/static.193.228.12.49.clients.your- ... show more (wordpress) Failed wordpress login from 49.12.228.193 (DE/Germany/static.193.228.12.49.clients.your-server.de) show less	Brute-Force
🇨🇦 KIsmay	2026-06-01 13:12:55 (2 weeks ago)	Jun 1 07:10:53 www4 WPAudit[233187]: 49.12.228.193 valhallasafety.com "Mozilla/5.0 (Windows NT 10.0 ... show more Jun 1 07:10:53 www4 WPAudit[233187]: 49.12.228.193 valhallasafety.com "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" ron:ron2345 FAIL Jun 1 07:39:41 www4 WPAudit[262815]: 49.12.228.193 dev.siscobc.com "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" sbd-admin:sbd-admin1. FAIL Jun 1 07:46:41 www4 WPAudit[255507]: 49.12.228.193 servicesfyi.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0" ncs-admin:ncs-admin84 FAIL Jun 1 08:16:38 www4 WPAudit[255500]: 49.12.228.193 servicesfyi.ca "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" pathwise:Apathwise FAIL Jun 1 09:12:55 www4 WPAudit[269600]: 49.12.228.193 amandasrestaurant.ca "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/5 ... show less	Brute-Force Web App Attack
🇺🇸 jormaster3k	2026-06-01 12:44:05 (2 weeks ago)	Attack against WordPress	Web App Attack
🇺🇸 TAY	2026-06-01 12:10:15 (2 weeks ago)	49.12.228.193 - - [01/Jun/2026:20:02:13 +0800] "POST /wp-login.php HTTP/1.1" 200 2676 "https://littl ... show more 49.12.228.193 - - [01/Jun/2026:20:02:13 +0800] "POST /wp-login.php HTTP/1.1" 200 2676 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 49.12.228.193 - - [01/Jun/2026:20:07:18 +0800] "POST /wp-login.php HTTP/1.1" 200 2677 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 49.12.228.193 - - [01/Jun/2026:20:10:14 +0800] "POST /wp-login.php HTTP/1.1" 200 2674 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-01 10:35:12 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 49.12.228.193 (static.193.228.12.49.clients.you ... show more (mod_security) mod_security (id:225170) triggered by 49.12.228.193 (static.193.228.12.49.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 06:34:59.558407 2026] [security2:error] [pid 15567:tid 15567] [client 49.12.228.193:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ac.cloudex.click\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ac.cloudex.click"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ah1gU6oYQfiOBaGUuQIAIwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mind5t0rm	2026-06-01 10:28:53 (2 weeks ago)	(WPLOGIN) WP Login Attack 49.12.228.193 (DE/Germany/static.193.228.12.49.clients.your-server.de): 3 ... show more (WPLOGIN) WP Login Attack 49.12.228.193 (DE/Germany/static.193.228.12.49.clients.your-server.de): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 49.12.228.193 - - [01/Jun/2026:17:15:45 +0700] "GET /wp-login.php HTTP/2.0" 200 3126 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 49.12.228.193 - - [01/Jun/2026:17:15:47 +0700] "POST /wp-login.php HTTP/2.0" 200 4167 "https://thevasilis.com/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 49.12.228.193 - - [01/Jun/2026:17:28:50 +0700] "GET /wp-login.php HTTP/2.0" 200 2345 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Port Scan
🇩🇪 Marc	2026-06-01 10:28:52 (2 weeks ago)	49.12.228.193 - - [01/Jun/2026:10:20:08 +0200] "GET /wp-login.php HTTP/2.0" 200 3352 "-" "Mozilla/5. ... show more 49.12.228.193 - - [01/Jun/2026:10:20:08 +0200] "GET /wp-login.php HTTP/2.0" 200 3352 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" 49.12.228.193 - - [01/Jun/2026:10:20:08 +0200] "POST /wp-login.php HTTP/2.0" 200 3270 "https://alsarnsberg.eu/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0" 49.12.228.193 - - [01/Jun/2026:12:05:22 +0200] "GET /wp-login.php HTTP/2.0" 200 16010 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 49.12.228.193 - - [01/Jun/2026:12:05:23 +0200] "POST /wp-login.php HTTP/2.0" 403 48043 "https://www.wasch-arena.de/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 49.12.228.193 - - [01/Jun/2026:12:28:51 +0200] "GET /wp-login.php HTTP/2.0" 200 16053 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari show less	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-06-01 09:55:24 (2 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
🇺🇸 TAY	2026-06-01 09:32:51 (2 weeks ago)	49.12.228.193 - - [01/Jun/2026:17:25:23 +0800] "POST /wp-login.php HTTP/1.1" 200 2680 "https://littl ... show more 49.12.228.193 - - [01/Jun/2026:17:25:23 +0800] "POST /wp-login.php HTTP/1.1" 200 2680 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" 49.12.228.193 - - [01/Jun/2026:17:32:38 +0800] "POST /wp-login.php HTTP/1.1" 200 2646 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 49.12.228.193 - - [01/Jun/2026:17:32:51 +0800] "POST /wp-login.php HTTP/1.1" 200 2676 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" ... show less	Brute-Force
🇩🇪 F242	2026-06-01 09:11:29 (2 weeks ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇩🇪 bsoft.de	2026-06-01 09:10:11 (2 weeks ago)	49.12.228.193 - - [01/Jun/2026:07:18:42 +0200] "GET /wp-login.php HTTP/1.1" 404 70157 "https://b-kit ... show more 49.12.228.193 - - [01/Jun/2026:07:18:42 +0200] "GET /wp-login.php HTTP/1.1" 404 70157 "https://b-kits.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" 49.12.228.193 - - [01/Jun/2026:11:10:09 +0200] "GET /wp-login.php HTTP/1.1" 200 2975 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 49.12.228.193 - - [01/Jun/2026:11:10:10 +0200] "POST /wp-login.php HTTP/1.1" 200 3133 "https://kgsjw-freunde.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 mind5t0rm	2026-06-01 08:59:08 (2 weeks ago)	(WPLOGIN) WP Login Attack 49.12.228.193 (DE/Germany/static.193.228.12.49.clients.your-server.de): 3 ... show more (WPLOGIN) WP Login Attack 49.12.228.193 (DE/Germany/static.193.228.12.49.clients.your-server.de): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 49.12.228.193 - - [01/Jun/2026:15:42:21 +0700] "GET /wp-login.php HTTP/2.0" 200 2345 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 49.12.228.193 - - [01/Jun/2026:15:42:24 +0700] "POST /wp-login.php HTTP/2.0" 200 2501 "https://ddha.eu/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" 49.12.228.193 - - [01/Jun/2026:15:59:08 +0700] "GET /wp-login.php HTTP/2.0" 200 3126 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" show less	Port Scan

Showing 1 to 15 of 161 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 150.138.182.190

🇩🇪 3.70.238.157

🇨🇦 209.50.178.114

🇺🇸 205.210.31.89

🇷🇴 162.158.19.101

🇺🇸 152.232.95.238

🇭🇰 103.230.240.59

🇮🇩 103.151.34.138

🇫🇷 85.217.140.9

🇬🇧 45.82.76.102

🇹🇷 31.145.131.202

🇮🇳 2401:4900:8846:858d:f56a:81a9:b221:3b36

🇪🇸 212.227.149.238

🇻🇳 180.93.43.225

🇳🇱 93.123.109.114

🇺🇸 91.230.168.130

🇺🇸 71.6.232.28

🇺🇸 66.132.195.22

🇬🇧 35.203.211.74

🇨🇦 2600:1f11:961:1600:b64b:3ae9:92cb:50dd