JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 101.53.241.142

101.53.241.142 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 47%: ?

47%

ISP	Cyber Internet Services Pakistan
Usage Type	Fixed Line ISP
ASN	AS9541
Domain Name	cyber.net.pk
Country	🇵🇰 Pakistan
City	Sahiwal, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 101.53.241.142

Whois 101.53.241.142

IP Abuse Reports for 101.53.241.142:

This IP address has been reported a total of 16 times from 11 distinct sources. 101.53.241.142 was first reported on January 22nd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 14:06:41 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 10:06:32.047954 2026] [security2:error] [pid 16435:tid 16526] [client 101.53.241.142:34650] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 101.53.241.142 (+1 hits since last alert)\|tomithai.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tomithai.com"] [uri "/xmlrpc.php"] [unique_id "ajVM6CAkB0GZopGq1ajYrAAAAgM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 11:50:51 (1 day ago)	[server.tmg.gr] httpd-xmlrpc-post: sites=tmg.gr; logs=/var/log/httpd/domains/tmg.gr.log; samples=/xm ... show more [server.tmg.gr] httpd-xmlrpc-post: sites=tmg.gr; logs=/var/log/httpd/domains/tmg.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 09:59:07 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 05:58:55.777472 2026] [security2:error] [pid 2182:tid 2182] [client 101.53.241.142:34690] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 101.53.241.142 (+1 hits since last alert)\|lambert-heating-and-air.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lambert-heating-and-air.com"] [uri "/xmlrpc.php"] [unique_id "ajUS39Z8hS7M96IgojFx8AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-18 06:02:53 (2 days ago)	101.53.241.142 - - [18/Jun/2026:08:02:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by ... show more 101.53.241.142 - - [18/Jun/2026:08:02:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" 101.53.241.142 - - [18/Jun/2026:08:02:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 101.53.241.142 - - [18/Jun/2026:08:02:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" 101.53.241.142 - - [18/Jun/2026:08:02:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 101.53.241.142 - - [18/Jun/2026:08:02:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-16 07:35:25 (4 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC PK/Pakistan/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 11:15:40 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:15:26.811974 2026] [security2:error] [pid 30617:tid 30617] [client 101.53.241.142:33617] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 101.53.241.142 (+1 hits since last alert)\|solarfarms.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "solarfarms.info"] [uri "/xmlrpc.php"] [unique_id "ai_ezq9i5K2pFx6nsU-2tAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 08:53:58 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:53:46.904981 2026] [security2:error] [pid 8334:tid 8334] [client 101.53.241.142:34298] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 101.53.241.142 (+1 hits since last alert)\|pondplain.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pondplain.org"] [uri "/xmlrpc.php"] [unique_id "ai-9mv6yWlFcz7wQ4bZUvgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 14:55:07 (6 days ago)	[redacted] 101.53.241.142 - - [14/Jun/2026:16:54:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 101.53.241.142 - - [14/Jun/2026:16:54:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 101.53.241.142 - - [14/Jun/2026:16:54:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.1; http://site46663106.com" [redacted] 101.53.241.142 - - [14/Jun/2026:16:54:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 101.53.241.142 - - [14/Jun/2026:16:54:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 101.53.241.142 - - [14/Jun/2026:16:55:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
Anonymous	2026-06-13 15:37:38 (1 week ago)	Fail2Ban - Wordpress brute-force ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 09:26:41 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 101.53.241.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 05:26:29.748354 2026] [security2:error] [pid 18691:tid 18815] [client 101.53.241.142:34070] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 101.53.241.142 (+1 hits since last alert)\|woodamy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "woodamy.com"] [uri "/xmlrpc.php"] [unique_id "ai0iRUvBJGXT1AIR7NcLzwAAARA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-11 07:12:18 (1 week ago)	(wordpress) Failed wordpress login from 101.53.241.142 (PK/Pakistan/Punjab/Sialkot/-)	Brute-Force
🇩🇪 grassau.com	2026-06-08 03:48:16 (1 week ago)	(wordpress) Failed wordpress login from 101.53.241.142 (PK/Pakistan/Punjab/Sialkot/-)	Brute-Force
🇩🇪 SMARTNET	2026-05-27 06:03:53 (3 weeks ago)	Aisuru(Mirai variant) DDoS \| Incident ID: 1175168a-7e6d-467e-bb9a-dd1cdfa3fb9e	DDoS Attack
🇩🇪 filstal.org	2026-03-27 10:50:23 (2 months ago)	Dovecot Brute-Force: Targeted User-Enumeration (Honey-Accounts)	Email Spam Brute-Force
🇳🇱 maxxsense	2026-02-21 16:39:02 (3 months ago)	101.53.241.142 (PK/Pakistan/-), 12 distributed imapd attacks on account [redacted]	Brute-Force

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 147.185.133.240

🇺🇸 107.155.48.46

🇺🇸 46.173.252.20

🇳🇱 45.148.10.147

🇺🇸 34.58.124.191

🇺🇸 8.235.67.147

🇧🇷 177.129.251.6

🇳🇱 176.65.148.84

🇳🇱 176.65.139.36

🇻🇳 160.250.246.224

🇩🇪 152.53.22.186

🇵🇱 145.239.83.63

🇧🇷 129.121.32.44

🇮🇳 202.141.103.223

🇧🇷 179.183.114.175

🇹🇭 165.154.51.193

🇸🇦 87.101.173.102

🇫🇷 85.217.140.49

🇫🇷 51.159.149.103

🇵🇹 5.180.245.75