JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 192.140.150.2

192.140.150.2 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 74%: ?

74%

ISP	Cyber Internet Services Pakistan
Usage Type	Fixed Line ISP
ASN	AS9541
Domain Name	cyber.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 192.140.150.2

Whois 192.140.150.2

IP Abuse Reports for 192.140.150.2:

This IP address has been reported a total of 28 times from 20 distinct sources. 192.140.150.2 was first reported on November 7th 2021, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Kenshin869	2026-06-12 08:26:53 (1 week ago)	Wordpress unauthorized access attempt	Brute-Force
🇫🇷 masterguru	2026-06-12 07:33:11 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇩🇪 rh24	2026-06-11 17:56:10 (1 week ago)	(wordpress) Failed wordpress login from 192.140.150.2 (PK/Pakistan/-): (CF_ENABLE)	Brute-Force
🇺🇸 WeekendWeb	2026-06-10 16:25:30 (1 week ago)	Wordpress Vunerability attack	Web App Attack
🇫🇷 dynamix	2026-06-10 12:50:09 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 grassau.com	2026-06-10 06:29:27 (1 week ago)	(wordpress) Failed wordpress login from 192.140.150.2 (PK/Pakistan/Khyber Pakhtunkhwa/Peshawar/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 18:12:35 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 192.140.150.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 192.140.150.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 14:12:29.991305 2026] [security2:error] [pid 10933:tid 10933] [client 192.140.150.2:5556] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.140.150.2 (+1 hits since last alert)\|avvmarchetticollini.it\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avvmarchetticollini.it"] [uri "/xmlrpc.php"] [unique_id "aihXjXwOt8rMIzIR-r3SzgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Dolphi	2026-06-07 18:20:02 (1 week ago)	Excessive POST /xmlrpc.php requests	Brute-Force Web App Attack
🇵🇾 SecOpsSL	2026-06-07 05:17:45 (2 weeks ago)	[Sun Jun 07 02:17:23.658183 2026] [authz_core:error] [pid 1480229:tid 1480229] [client 192.140.150.2 ... show more [Sun Jun 07 02:17:23.658183 2026] [authz_core:error] [pid 1480229:tid 1480229] [client 192.140.150.2:0] AH01630: client denied by server configuration: /var/www/html/wordpress/xmlrpc.php [Sun Jun 07 02:17:34.154799 2026] [authz_core:error] [pid 1535566:tid 1535566] [client 192.140.150.2:0] AH01630: client denied by server configuration: /var/www/html/wordpress/xmlrpc.php [Sun Jun 07 02:17:44.671195 2026] [authz_core:error] [pid 1480229:tid 1480229] [client 192.140.150.2:0] AH01630: client denied by server configuration: /var/www/html/wordpress/xmlrpc.php show less	Brute-Force Web App Attack
Anonymous	2026-06-07 03:10:16 (2 weeks ago)	[da.kdns.gr] httpd-xmlrpc-post: sites=anyfantis.gr; logs=/var/log/httpd/domains/anyfantis.gr.log; sa ... show more [da.kdns.gr] httpd-xmlrpc-post: sites=anyfantis.gr; logs=/var/log/httpd/domains/anyfantis.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 19:44:40 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 192.140.150.2 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 192.140.150.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 15:44:31.677249 2026] [security2:error] [pid 6349:tid 6349] [client 192.140.150.2:5326] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 192.140.150.2 (+1 hits since last alert)\|uccryakima.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "uccryakima.org"] [uri "/xmlrpc.php"] [unique_id "aiR4n_J9ApTYej5HBR-l-AAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-05 11:28:35 (2 weeks ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-05 11:27:53 (2 weeks ago)	(wordpress) Failed wordpress login from 192.140.150.2 (PK/Pakistan/-)	Brute-Force
Anonymous	2026-06-05 10:58:43 (2 weeks ago)	(wordpress) Failed wordpress login from 192.140.150.2 (PK/Pakistan/-)	Brute-Force
Anonymous	2026-06-04 14:13:11 (2 weeks ago)	[redacted] 192.140.150.2 - - [04/Jun/2026:16:12:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ... show more [redacted] 192.140.150.2 - - [04/Jun/2026:16:12:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 192.140.150.2 - - [04/Jun/2026:16:12:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 192.140.150.2 - - [04/Jun/2026:16:12:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 192.140.150.2 - - [04/Jun/2026:16:12:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" [redacted] 192.140.150.2 - - [04/Jun/2026:16:13:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site91342565.com" ... show less	Hacking Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.76.120.30

🇷🇴 193.29.13.167

🇩🇪 172.68.195.166

🇺🇸 155.2.215.85

🇩🇿 154.246.243.204

🇺🇸 134.199.229.190

🇳🇱 91.92.42.88

🇩🇪 69.5.169.165

🇮🇳 52.140.76.154

🇧🇷 45.205.1.43

🇺🇸 20.65.194.87

🇻🇳 14.227.200.203

🇬🇧 5.226.140.10

🇭🇰 199.45.155.109

🇳🇱 195.178.110.30

🇩🇪 185.242.3.226

🇭🇰 150.5.154.160

🇺🇸 147.185.132.141

🇹🇷 146.19.125.54

🇺🇸 132.226.82.224