JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 95.137.187.54

95.137.187.54 was found in our database!

This IP was reported 88 times. Confidence of Abuse is 81%: ?

81%

ISP	System Net Ltd
Usage Type	Fixed Line ISP
ASN	AS34797
Domain Name	egrisi.ge
Country	🇬🇪 Georgia
City	Tbilisi, Tbilisi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 95.137.187.54

Whois 95.137.187.54

IP Abuse Reports for 95.137.187.54:

This IP address has been reported a total of 88 times from 33 distinct sources. 95.137.187.54 was first reported on March 29th 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-22 19:21:42 (14 hours ago)	(mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 15:21:35.876677 2026] [security2:error] [pid 6501:tid 6501] [client 95.137.187.54:62477] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 95.137.187.54 (+1 hits since last alert)\|kdgsf.xyz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kdgsf.xyz"] [uri "/xmlrpc.php"] [unique_id "ajmLPyjSF5Gc87qvLlIImAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 19:02:42 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 15:02:38.329054 2026] [security2:error] [pid 22868:tid 22868] [client 95.137.187.54:50286] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 95.137.187.54 (+1 hits since last alert)\|futuresgrowhere.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "futuresgrowhere.com"] [uri "/xmlrpc.php"] [unique_id "ajbjzq9YiQd3NdtDC0cTIQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 18:33:58 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 14:33:52.827619 2026] [security2:error] [pid 9313:tid 9313] [client 95.137.187.54:60907] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 95.137.187.54 (+1 hits since last alert)\|rochesterhistorical.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rochesterhistorical.org"] [uri "/xmlrpc.php"] [unique_id "ajbdEMWvE8Pp-fLPGc506AAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-20 15:09:16 (2 days ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-19 19:03:57 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 15:03:52.799346 2026] [security2:error] [pid 17517:tid 17517] [client 95.137.187.54:58730] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 95.137.187.54 (+1 hits since last alert)\|d365geek.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d365geek.com"] [uri "/xmlrpc.php"] [unique_id "ajWSmJ9vl6DZuyJ3xChLCQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 19:02:21 (3 days ago)	WordPress Brute Force	Brute-Force
🇩🇪 rh24	2026-06-18 21:32:17 (4 days ago)	(wordpress) Failed wordpress login from 95.137.187.54 (GE/Georgia/-): (CF_ENABLE)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-18 12:46:08 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 08:46:02.186765 2026] [security2:error] [pid 1836:tid 1836] [client 95.137.187.54:53349] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 95.137.187.54 (+1 hits since last alert)\|sneedvillefarmersmarket.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sneedvillefarmersmarket.com"] [uri "/xmlrpc.php"] [unique_id "ajPoioGueDXKQr71ldGe6AAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-16 19:56:44 (6 days ago)	(wordpress) Failed wordpress login from 95.137.187.54 (GE/Georgia/-)	Brute-Force
Anonymous	2026-06-16 19:25:58 (6 days ago)	(wordpress) Failed wordpress login from 95.137.187.54 (GE/Georgia/-)	Brute-Force
Anonymous	2026-06-16 12:29:05 (6 days ago)		Bad Web Bot Web App Attack
Anonymous	2026-06-16 10:25:38 (6 days ago)	[redacted] 95.137.187.54 - - [16/Jun/2026:12:24:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ... show more [redacted] 95.137.187.54 - - [16/Jun/2026:12:24:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)" [redacted] 95.137.187.54 - - [16/Jun/2026:12:25:05 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 95.137.187.54 - - [16/Jun/2026:12:25:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)" [redacted] 95.137.187.54 - - [16/Jun/2026:12:25:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.3; http://site46383220.com" [redacted] 95.137.187.54 - - [16/Jun/2026:12:25:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 00:29:03 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 20:28:59.438750 2026] [security2:error] [pid 20820:tid 20820] [client 95.137.187.54:54218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 95.137.187.54 (+1 hits since last alert)\|billwegener.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "billwegener.net"] [uri "/xmlrpc.php"] [unique_id "ajCYyySdRPMkNECwe2p-WgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 23:59:17 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:59:12.885649 2026] [security2:error] [pid 18836:tid 18836] [client 95.137.187.54:49597] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 95.137.187.54 (+1 hits since last alert)\|jbernsteinpc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jbernsteinpc.com"] [uri "/xmlrpc.php"] [unique_id "ajCR0JJhY9HP7LS8oNY_xgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 18:55:26 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 95.137.187.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 14:55:18.809294 2026] [security2:error] [pid 23946:tid 23946] [client 95.137.187.54:54793] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 95.137.187.54 (+1 hits since last alert)\|incrp.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "incrp.org"] [uri "/xmlrpc.php"] [unique_id "ajBKljlXfpID1upkc3653QAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 88 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 221.163.22.86

🇳🇱 204.76.203.206

🇺🇸 172.208.48.177

🇮🇳 49.207.185.161

🇮🇳 203.200.74.18

🇩🇪 165.245.221.54

🇩🇿 154.241.35.141

🇪🇸 90.173.78.90

🇫🇷 85.217.140.4

🇱🇻 81.30.98.62

🇻🇳 45.117.177.47

🇵🇰 39.47.27.7

🇳🇱 5.61.209.92

🇮🇪 3.255.251.141

🇵🇰 103.150.207.27

🇮🇳 103.140.255.180

🇫🇷 91.231.89.215

🇵🇰 72.255.19.53

🇷🇴 2.57.121.112

🇩🇪 2.26.252.153