JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.141.95.56

202.141.95.56 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 30%: ?

30%

ISP	RailTel Corporation is an Internet Service Provider.
Usage Type	Fixed Line ISP
ASN	AS24186
Domain Name	railtel.in
Country	🇮🇳 India
City	Kanpur, Uttar Pradesh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.141.95.56

Whois 202.141.95.56

IP Abuse Reports for 202.141.95.56:

This IP address has been reported a total of 5 times from 4 distinct sources. 202.141.95.56 was first reported on June 10th 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 applemooz	2026-06-11 13:15:50 (7 hours ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 08:52:55 (11 hours ago)	(mod_security) mod_security (id:240335) triggered by 202.141.95.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.141.95.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 04:52:46.893127 2026] [security2:error] [pid 18676:tid 18676] [client 202.141.95.56:32995] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.141.95.56 (+1 hits since last alert)\|fishleadership.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fishleadership.org"] [uri "/xmlrpc.php"] [unique_id "aip3XrQ5xMfJ4vnNulfgzwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-11 08:49:27 (11 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 07:52:44 (12 hours ago)	(mod_security) mod_security (id:240335) triggered by 202.141.95.56 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.141.95.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 03:52:33.277779 2026] [security2:error] [pid 14512:tid 14512] [client 202.141.95.56:24443] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.141.95.56 (+1 hits since last alert)\|nordicbuilders.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nordicbuilders.net"] [uri "/xmlrpc.php"] [unique_id "aippQaLZZ6m-DBaeNkAgEAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 06:00:40 (1 day ago)	Attac	Brute-Force

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.133

🇧🇮 154.117.199.56

🇹🇼 128.14.237.43

🇷🇴 92.118.39.62

🇳🇱 45.148.10.141

🇳🇱 4.231.99.33

🇨🇳 175.30.48.174

🇺🇸 147.185.132.168

🇧🇩 113.11.34.221

🇹🇼 101.13.1.58

🇹🇷 91.151.88.168

🇫🇷 86.217.21.47

🇺🇸 40.124.173.224

🇨🇳 36.135.92.36

🇶🇦 34.18.214.172

🇨🇦 20.151.227.112

🇫🇮 2a00:1450:4010:c1c::124

🇦🇺 223.27.18.80

🇫🇷 185.177.72.58

🇺🇸 162.216.150.178