JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.47.52.142

202.47.52.142 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 43%: ?

43%

ISP	Cyber Internet Services Pakistan
Usage Type	Fixed Line ISP
ASN	AS9541
Domain Name	cyber.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.47.52.142

Whois 202.47.52.142

IP Abuse Reports for 202.47.52.142:

This IP address has been reported a total of 23 times from 14 distinct sources. 202.47.52.142 was first reported on January 29th 2025, and the most recent report was 11 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-13 16:55:40 (11 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 12:09:42 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 08:09:37.288240 2026] [security2:error] [pid 31897:tid 31897] [client 202.47.52.142:55898] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.52.142 (+1 hits since last alert)\|newmooncafe.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newmooncafe.com"] [uri "/xmlrpc.php"] [unique_id "ai1IgdTly12uv709jkC1UwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 08:06:30 (20 hours ago)	(mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 04:06:20.797632 2026] [security2:error] [pid 6227:tid 6227] [client 202.47.52.142:56716] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.52.142 (+1 hits since last alert)\|eftekharschool.ir\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eftekharschool.ir"] [uri "/xmlrpc.php"] [unique_id "ai0PfPIwKqeV7NuAAx70NwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-13 06:54:13 (21 hours ago)	[redacted] 202.47.52.142 - - [13/Jun/2026:08:53:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "J ... show more [redacted] 202.47.52.142 - - [13/Jun/2026:08:53:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com" [redacted] 202.47.52.142 - - [13/Jun/2026:08:53:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" [redacted] 202.47.52.142 - - [13/Jun/2026:08:53:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com" [redacted] 202.47.52.142 - - [13/Jun/2026:08:53:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com" grillmarkt-radebeul.de 202.47.52.142 - - [13/Jun/2026:08:53:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com" [redacted] 202.47.52.142 - - [13/Jun/2026:08:53:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/12.5; WordPress/6.2; http://site33777051.com" grillmarkt-radebeul.de 202.47.52.142 - - [13/Jun/2026:08:53:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 523 "-" "WordPress ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 16:38:23 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 12:38:17.311076 2026] [security2:error] [pid 18104:tid 18110] [client 202.47.52.142:56278] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.52.142 (+1 hits since last alert)\|darrylrichards.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "darrylrichards.com"] [uri "/xmlrpc.php"] [unique_id "aiWeeWuQ7pSqm21cidtxLwAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 16:08:10 (6 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-05-31 12:39:25 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 08:39:16.687053 2026] [security2:error] [pid 27291:tid 27299] [client 202.47.52.142:55048] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.52.142 (+1 hits since last alert)\|munatseng.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "munatseng.org"] [uri "/xmlrpc.php"] [unique_id "ahwr9BFd97dLUI3DTzM-ogAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-05-29 20:51:55 (2 weeks ago)	Unauthorized access to webpage admin	Web App Attack
🇺🇸 integrantservices.com	2026-05-03 14:55:28 (1 month ago)	(wordpress) Failed wordpress login from 202.47.52.142 (PK/Pakistan/-)	Brute-Force
Anonymous	2026-05-03 14:25:25 (1 month ago)		Bad Web Bot Web App Attack
Anonymous	2026-05-03 14:24:27 (1 month ago)	[redacted] 202.47.52.142 - - [03/May/2026:16:23:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "J ... show more [redacted] 202.47.52.142 - - [03/May/2026:16:23:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com" [redacted] 202.47.52.142 - - [03/May/2026:16:23:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.5; WordPress/6.3; http://site91949274.com" [redacted] 202.47.52.142 - - [03/May/2026:16:24:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" [redacted] 202.47.52.142 - - [03/May/2026:16:24:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.1; WordPress/6.3; http://site20252846.com" [redacted] 202.47.52.142 - - [03/May/2026:16:24:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-05-01 00:41:34 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 202.47.52.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 20:41:29.978818 2026] [security2:error] [pid 32450:tid 32450] [client 202.47.52.142:55110] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 202.47.52.142 (+1 hits since last alert)\|ssion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ssion.com"] [uri "/xmlrpc.php"] [unique_id "afP2uYZsnaCPP8dHPo3PzQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-23 23:20:04 (1 month ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇲🇾 Rizzy	2026-04-22 23:22:45 (1 month ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 WeekendWeb	2026-04-19 18:19:06 (1 month ago)	Wordpress Vunerability attack	Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 202.46.62.51

🇺🇸 198.46.253.100

🇭🇰 190.92.239.22

🇻🇳 157.66.26.151

🇺🇸 66.240.192.138

🇬🇧 34.153.178.155

🇺🇸 205.210.31.52

198.18.78.34

🇩🇪 139.59.208.49

🇷🇺 82.146.45.91

🇷🇺 78.25.127.206

🇲🇾 49.124.149.199

🇺🇸 35.224.79.157

🇬🇧 35.203.211.95

🇧🇪 34.78.18.198

🇺🇸 20.64.105.77

🇹🇼 198.235.24.43

🇬🇧 195.140.214.28

🇺🇸 185.198.240.92

🇺🇸 184.105.247.254