JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 130.164.149.242

130.164.149.242 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 51%: ?

51%

ISP	Saudi Telecom Company JSC
Usage Type	Fixed Line ISP
ASN	AS25019
Domain Name	stc.com.sa
Country	🇸🇦 Saudi Arabia
City	Dammam, Eastern Province

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 130.164.149.242

Whois 130.164.149.242

IP Abuse Reports for 130.164.149.242:

This IP address has been reported a total of 13 times from 9 distinct sources. 130.164.149.242 was first reported on June 20th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 4server	2026-06-22 07:57:44 (6 days ago)	[MonJun2209:57:38.3088082026][security2:error][pid1552819:tid1552979][client130.164.149.242:0]ModSec ... show more [MonJun2209:57:38.3088082026][security2:error][pid1552819:tid1552979][client130.164.149.242:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"kiteinvest.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajjq8s0Kupj_iPQq6l1jHwAAAQw\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 Kenshin869	2026-06-22 07:15:33 (6 days ago)	Wordpress unauthorized access attempt	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-22 03:01:38 (6 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC SA/Saudi Arabia/-	Web App Attack
🇺🇸 sandap1	2026-06-21 15:10:02 (6 days ago)	Blocked by os-abuseipdb; 3 hits, proto=tcp, ports=443,src_ip=130.164.149.242	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-21 14:47:00 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 130.164.149.242 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 130.164.149.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 10:46:56.189333 2026] [security2:error] [pid 7957:tid 7957] [client 130.164.149.242:51239] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|modmove.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "modmove.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajf5YEFH51tP8B9-LqsLzQAAAFc"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-21 14:31:45 (6 days ago)	[SunJun2116:31:39.4337252026][security2:error][pid392640:tid392656][client130.164.149.242:0]ModSecur ... show more [SunJun2116:31:39.4337252026][security2:error][pid392640:tid392656][client130.164.149.242:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"mio-ip.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajf1yycOWVN-snG9t02mdQAAAE4\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 13:02:21 (6 days ago)	(mod_security) mod_security (id:225170) triggered by 130.164.149.242 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 130.164.149.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 09:02:12.858566 2026] [security2:error] [pid 15927:tid 15927] [client 130.164.149.242:60413] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kmelson.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kmelson.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajfg1B_DrQs5yS3JxFX1BQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 10:37:39 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 130.164.149.242 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 130.164.149.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:37:33.946185 2026] [security2:error] [pid 26384:tid 26384] [client 130.164.149.242:52404] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gellertdealers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gellertdealers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aje-7T3s4Ii1I19WaVvY2wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 interbiznw.com	2026-06-21 09:53:40 (1 week ago)	fail2ban-ban	Hacking Brute-Force Exploited Host Web App Attack
🇫🇮 stinpriza	2026-06-21 09:01:54 (1 week ago)	Web App Attack	Web App Attack
🇳🇿 Tripwire	2026-06-21 04:44:49 (1 week ago)	Probing for Wordpress - /xmlrpc.php	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 13:08:06 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 130.164.149.242 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 130.164.149.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 09:08:01.644970 2026] [security2:error] [pid 28503:tid 28503] [client 130.164.149.242:63893] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fgrotary.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fgrotary.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajaQsQWhO1yOuwXffYum9AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-20 13:00:06 (1 week ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇴 212.34.11.201

🇹🇭 203.154.158.195

🇳🇱 185.242.226.19

🇳🇱 185.242.226.18

🇺🇸 162.216.149.224

🇧🇷 138.0.246.169

🇨🇳 121.29.84.137

🇲🇲 103.121.226.91

🇳🇱 91.92.40.12

🇳🇱 45.198.224.5

🇲🇼 41.75.114.30

🇱🇹 188.69.225.188

🇽🇰 185.186.83.87

🇨🇳 182.43.76.120

🇫🇷 167.17.64.175

🇺🇸 136.144.35.152

🇵🇰 111.92.145.9

🇩🇪 87.172.233.184

🇺🇸 31.97.7.29

🇩🇪 185.30.32.68