Report for IP: 194.5.82.107

Threat LevelMEDIUM41/1002 rule types across 2 attack categories
2 incidents on record · 2 rule types · last seen 2d ago
PTR N/A
Org / ASN AS137409 GSL Networks Pty LTD
Country 🇸🇬 Singapore
City Singapore, North West
Timezone Asia/Singapore

Attack Analysis

🇸🇬 Singapore · Singapore · 137409 · Vpn Consumer Singapore, Republic of Singapore
WordPress XML-RPC Abuse
This IP targeted xmlrpc.php, a legacy WordPress endpoint that has been abused for brute-force authentication attacks, credential stuffing, and DDoS amplification. Any direct access to xmlrpc.php is an attack or reconnaissance attempt; modern WordPress sites should disable it entirely.
Directory Brute-Force (Active Scan)
This IP triggered 10 or more HTTP 4xx errors within 60 seconds — the signature of a vulnerability scanner cycling through wordlists of common admin paths, config files, and endpoints. Tools like Nikto, Dirbuster, and Gobuster produce exactly this pattern.

Reports (2)

Date Severity Description
17 Jun 2026 - 07:09 high Web: Active scan — 10+ 4xx errors in 60s
17 Jun 2026 - 07:09 high Web: xmlrpc.php accessed

Related IPs — Same /24 Block (194.5.82.0/24)

194.5.82.170MEDIUM2 reports194.5.82.109MEDIUM2 reports194.5.82.135MEDIUM2 reports194.5.82.152MEDIUM2 reports194.5.82.159MEDIUM2 reports194.5.82.105MEDIUM2 reports194.5.82.162MEDIUM1 report194.5.82.108MEDIUM1 report
Part of EagleEye Intelligence