JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 86.48.12.171

86.48.12.171 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 27%: ?

27%

ISP	Packethub S.A.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS136787
Domain Name	packethub.net
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 86.48.12.171

Whois 86.48.12.171

IP Abuse Reports for 86.48.12.171:

This IP address has been reported a total of 12 times from 8 distinct sources. 86.48.12.171 was first reported on October 14th 2024, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-16 10:06:43 (1 hour ago)	(mod_security) mod_security (id:240335) triggered by 86.48.12.171 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 86.48.12.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 06:06:38.456778 2026] [security2:error] [pid 21281:tid 21281] [client 86.48.12.171:51704] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 86.48.12.171 (+1 hits since last alert)\|adonamusic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "adonamusic.com"] [uri "/xmlrpc.php"] [unique_id "ajEgLlvITubkiyz6CDefLgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 06:54:14 (5 hours ago)	(mod_security) mod_security (id:240335) triggered by 86.48.12.171 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 86.48.12.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:54:06.225256 2026] [security2:error] [pid 2543:tid 2543] [client 86.48.12.171:59558] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 86.48.12.171 (+1 hits since last alert)\|barigby.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "barigby.com"] [uri "/xmlrpc.php"] [unique_id "ajDzDnAY-jlvDa9wr-raIQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-21 08:10:14 (3 weeks ago)	Attac	Brute-Force
Anonymous	2026-05-21 07:41:05 (3 weeks ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
Anonymous	2026-05-16 04:52:54 (1 month ago)	Attac	Brute-Force
🇨🇳 pengpeng	2026-05-15 07:21:19 (1 month ago)	monitor: on VM-0-7-ubuntu \| port: 36349 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on VM-0-7-ubuntu \| port: 36349 \| ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 rh24	2026-05-06 06:05:54 (1 month ago)	(wordpress) Failed wordpress login from 86.48.12.171 (JP/Japan/-): (CF_ENABLE)	Brute-Force
🇺🇸 TPI-Abuse	2026-05-06 05:15:34 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 86.48.12.171 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 86.48.12.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 01:15:27.509819 2026] [security2:error] [pid 19511:tid 19511] [client 86.48.12.171:11004] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 86.48.12.171 (+1 hits since last alert)\|glassclublake.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "glassclublake.com"] [uri "/xmlrpc.php"] [unique_id "afrOb_U79AYPHCBfy5eyYwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-04 08:57:40 (1 month ago)	86.48.12.171 - - [04/May/2026:10:57:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/13.0; ... show more 86.48.12.171 - - [04/May/2026:10:57:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/13.0; WordPress/6.2; http://site12881342.com" 86.48.12.171 - - [04/May/2026:10:57:21 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack/13.0; WordPress/6.2; http://site12881342.com" 86.48.12.171 - - [04/May/2026:10:57:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.5; WordPress/6.3; http://site81382545.com" 86.48.12.171 - - [04/May/2026:10:57:29 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack/12.5; WordPress/6.3; http://site81382545.com" 86.48.12.171 - - [04/May/2026:10:57:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-04 05:47:29 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 86.48.12.171 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 86.48.12.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 04 01:47:22.131658 2026] [security2:error] [pid 3547:tid 3547] [client 86.48.12.171:13148] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 86.48.12.171 (+1 hits since last alert)\|ssion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ssion.com"] [uri "/xmlrpc.php"] [unique_id "afgy6u0k3raQFdo8Fw7qSwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-01-02 01:37:48 (5 months ago)	Blocked by UFW (TCP on 63000) Source port: 56529 TTL: 119 Packet length: 52 TOS: 0x00 This report ( ... show more Blocked by UFW (TCP on 63000) Source port: 56529 TTL: 119 Packet length: 52 TOS: 0x00 This report (for 86.48.12.171) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2024-10-14 17:51:08 (1 year ago)		DNS Compromise DDoS Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 172.71.119.87

🇧🇬 78.128.113.22

🇮🇳 182.78.73.94

🇷🇺 178.178.194.123

🇺🇸 64.62.156.210

🇩🇪 49.12.185.204

🇧🇷 45.205.1.247

🇳🇱 45.148.10.147

🇸🇬 43.156.12.237

🇨🇳 36.137.131.9

🇺🇸 208.84.100.196

🇺🇸 207.46.13.155

🇯🇵 203.25.124.189

🇦🇷 181.28.101.14

🇺🇸 173.239.221.12

🇺🇸 172.234.218.22

🇬🇧 87.106.44.172

🇺🇸 66.132.186.243

🇫🇮 65.21.44.81

🇺🇸 47.251.59.83