JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 95.156.137.0

95.156.137.0 was found in our database!

This IP was reported 4 times. Confidence of Abuse is 15%: ?

15%

ISP	HT d.o.o. Mostar
Usage Type	Fixed Line ISP
ASN	AS20875
Hostname(s)	adsl51mo0.tel.net.ba
Domain Name	tel.net.ba
Country	🇧🇦 Bosnia and Herzegovina
City	Capljina, Federation of B&H

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 95.156.137.0

Whois 95.156.137.0

IP Abuse Reports for 95.156.137.0:

This IP address has been reported a total of 4 times from 3 distinct sources. 95.156.137.0 was first reported on March 19th 2021, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-16 20:14:54 (1 hour ago)	(mod_security) mod_security (id:240335) triggered by 95.156.137.0 (adsl51mo0.tel.net.ba): 1 in the l ... show more (mod_security) mod_security (id:240335) triggered by 95.156.137.0 (adsl51mo0.tel.net.ba): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:14:46.355721 2026] [security2:error] [pid 25288:tid 25288] [client 95.156.137.0:53819] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 95.156.137.0 (+1 hits since last alert)\|brbcoin.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "brbcoin.com"] [uri "/xmlrpc.php"] [unique_id "ajGutru_pBojocWO7ahSEQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 19:23:08 (2 hours ago)	(mod_security) mod_security (id:225170) triggered by 95.156.137.0 (adsl51mo0.tel.net.ba): 1 in the l ... show more (mod_security) mod_security (id:225170) triggered by 95.156.137.0 (adsl51mo0.tel.net.ba): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 15:23:00.428232 2026] [security2:error] [pid 1571:tid 1571] [client 95.156.137.0:60727] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|exhaustthelimits.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "exhaustthelimits.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajGilEq8rK1HVtnHOAa92AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Holger	2026-06-16 17:12:23 (4 hours ago)	WordPress WebAttack	Brute-Force Web App Attack
🇬🇷 gbetsis	2021-03-19 04:07:44 (5 years ago)	SMB Server BruteForce Attack	Port Scan Brute-Force

Showing 1 to 4 of 4 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.73.56.10

🇨🇳 182.90.219.254

🇸🇬 161.118.194.254

🇧🇷 118.26.105.144

🇫🇮 94.159.112.56

🇺🇸 91.230.168.125

🇷🇺 85.30.219.198

🇧🇷 20.197.235.71

🇨🇳 223.91.89.255

🇰🇷 203.245.41.180

🇩🇪 185.216.214.42

🇨🇳 183.164.3.219

🇩🇪 167.94.146.41

🇮🇩 116.68.162.210

🇬🇧 92.27.157.252

🇳🇱 91.92.40.217

🇳🇱 81.19.216.120

🇨🇳 58.42.204.29

🇳🇱 45.156.87.166

🇸🇬 43.133.61.254