JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.141.252.112

202.141.252.112 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 37%: ?

37%

ISP	Multinet Pakistan Pvt. Ltd.
Usage Type	Fixed Line ISP
ASN	AS9260
Hostname(s)	202-141-252-112.multi.net.pk
Domain Name	multi.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.141.252.112

Whois 202.141.252.112

IP Abuse Reports for 202.141.252.112:

This IP address has been reported a total of 8 times from 6 distinct sources. 202.141.252.112 was first reported on October 13th 2021, and the most recent report was 34 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-19 11:01:39 (34 minutes ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇩🇪 Marc	2026-06-18 13:53:33 (21 hours ago)	202.141.252.112 - - [18/Jun/2026:15:53:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "Jetpack b ... show more 202.141.252.112 - - [18/Jun/2026:15:53:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "Jetpack by WordPress.com" 202.141.252.112 - - [18/Jun/2026:15:53:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "Jetpack by WordPress.com" 202.141.252.112 - - [18/Jun/2026:15:53:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "Jetpack by WordPress.com" show less	Brute-Force Web App Attack
🇩🇪 konseptit	2026-06-18 12:39:56 (22 hours ago)	(wordpress) Failed wordpress login from 202.141.252.112 (PK/Pakistan/202-141-252-112.multi.net.pk)	Brute-Force
Anonymous	2026-06-17 11:08:38 (2 days ago)	(wordpress) Failed wordpress login from 202.141.252.112 (PK/Pakistan/Sindh/Karachi/202-141-252-112.m ... show more (wordpress) Failed wordpress login from 202.141.252.112 (PK/Pakistan/Sindh/Karachi/202-141-252-112.multi.net.pk/[redacted]) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 18:03:23 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 202.141.252.112 (202-141-252-112.multi.net.pk): ... show more (mod_security) mod_security (id:240335) triggered by 202.141.252.112 (202-141-252-112.multi.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 14:03:15.491195 2026] [security2:error] [pid 6854:tid 6854] [client 202.141.252.112:63778] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.141.252.112 (+1 hits since last alert)\|celltechs.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "celltechs.net"] [uri "/xmlrpc.php"] [unique_id "ai2bY95E1Ob815_0pus0kwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 18:02:50 (5 days ago)	(wordpress) Failed wordpress login from 202.141.252.112 (PK/Pakistan/Sindh/Karachi/202-141-252-112.m ... show more (wordpress) Failed wordpress login from 202.141.252.112 (PK/Pakistan/Sindh/Karachi/202-141-252-112.multi.net.pk/[redacted]) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-06-08 14:07:36 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 202.141.252.112 (202-141-252-112.multi.net.pk): ... show more (mod_security) mod_security (id:240335) triggered by 202.141.252.112 (202-141-252-112.multi.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 10:07:28.304943 2026] [security2:error] [pid 20028:tid 20028] [client 202.141.252.112:56504] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.141.252.112 (+1 hits since last alert)\|schmitzcomm.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "schmitzcomm.net"] [uri "/xmlrpc.php"] [unique_id "aibMoC9HtX0xV_fCzQodkwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 snydr	2021-10-13 01:28:30 (4 years ago)	connection attempt port 445 TCP	Port Scan

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 219.159.91.46

🇱🇰 192.248.24.53

🇳🇱 172.94.9.65

🇵🇪 161.132.54.218

🇪🇸 149.91.97.132

🇭🇰 103.14.33.174

🇷🇴 80.94.92.171

🇭🇰 46.247.61.136

🇬🇧 35.203.210.231

🇨🇱 179.57.170.71

🇺🇸 107.173.146.37

🇮🇳 103.54.101.248

🇫🇷 85.217.140.16

🇺🇸 64.62.156.222

🇫🇷 51.159.202.36

🇮🇳 49.43.235.78

🇩🇪 45.135.194.83

🇩🇪 3.77.221.157

🇺🇸 165.154.173.83

🇩🇪 155.117.127.5