AbuseIPDB » 146.196.37.127
146.196.37.127
This IP was reported 7 times. Confidence of
Abuse
is 43% : ?
ISP
Satendra Networks
Usage Type
Fixed Line ISP
ASN
AS133982
Domain Name
excitel.com
Country
๐ฎ๐ณ
India
City
Patna, Bihar
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 146.196.37.127 :
This IP address has been reported a total of
7
times from
7 distinct
sources.
146.196.37.127 was first reported on
July 26th 2024 , and the most recent report was
2 days ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
TPI-Abuse
2026-06-14 14:07:18
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 146.196.37.127 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 146.196.37.127 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 10:07:14.805252 2026] [security2:error] [pid 8835:tid 8835] [client 146.196.37.127:52332] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||spacebooger.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "spacebooger.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai61kmg29Fhfy-RpYizioAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2026-06-14 12:33:03
(2 days ago)
Bot / scanning and/or hacking attempts: GET /wp-json/wp/v2/users HTTP/1.1, POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-06-14 12:23:08
(2 days ago)
Known malicious PHP file or CMS probe
Web App Attack
2026-06-14 08:45:42
(2 days ago)
[redacted] 146.196.37.127 - - [14/Jun/2026:10:44:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" " ...
show more
[redacted] 146.196.37.127 - - [14/Jun/2026:10:44:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.0.0 Safari/537.36"
[redacted] 146.196.37.127 - - [14/Jun/2026:10:44:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/73.0.0.0 Safari/537.36"
[redacted] 146.196.37.127 - - [14/Jun/2026:10:44:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/85.0.0.0 Safari/537.36"
[redacted] 146.196.37.127 - - [14/Jun/2026:10:45:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/90.0.0.0 Safari/537.36"
[redacted] 146.196.37.127 - - [14/Jun/2026:10:45:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, l
...
show less
Hacking
Web App Attack
๐ณ๐ฑ
Roderic
2026-06-14 07:57:46
(2 days ago)
(apache_scanners-2) Failed apache-scanners trigger with match [redacted])
Port Scan
๐ช๐ธ
masterguru
2026-06-14 04:39:01
(2 days ago)
(xmlrpc) Failed xmlrpc access from 146.196.37.127 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
2024-07-26 00:31:03
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Showing 1 to
7
of 7 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: