JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 142.154.104.34

142.154.104.34 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 15%: ?

15%

ISP	Saudi Telecom Company JSC
Usage Type	Fixed Line ISP
ASN	AS25019
Domain Name	stc.com.sa
Country	🇸🇦 Saudi Arabia
City	Jeddah, Mecca Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 142.154.104.34

Whois 142.154.104.34

IP Abuse Reports for 142.154.104.34:

This IP address has been reported a total of 17 times from 15 distinct sources. 142.154.104.34 was first reported on April 24th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-09 19:10:23 (2 weeks ago)	ICS Labs identified 142.154.104.34 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
🇺🇸 NicoID	2026-04-30 00:09:30 (1 month ago)	142.154.104.34 - - [29/Apr/2026:09:48:04 -0600] "POST /xmlrpc.php HTTP/1.1" 200 3309 "-" "WordPress. ... show more 142.154.104.34 - - [29/Apr/2026:09:48:04 -0600] "POST /xmlrpc.php HTTP/1.1" 200 3309 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force
🇺🇸 integrantservices.com	2026-04-29 10:57:16 (1 month ago)	(wordpress) Failed wordpress login from 142.154.104.34 (SA/Saudi Arabia/-)	Brute-Force
Anonymous	2026-04-28 15:12:41 (1 month ago)	(wordpress) Failed wordpress login from 142.154.104.34 (SA/Saudi Arabia/Mecca Region/Jeddah/-/[redac ... show more (wordpress) Failed wordpress login from 142.154.104.34 (SA/Saudi Arabia/Mecca Region/Jeddah/-/[redacted]) show less	Brute-Force
🇺🇸 integrantservices.com	2026-04-28 09:20:42 (1 month ago)	(wordpress) Failed wordpress login from 142.154.104.34 (SA/Saudi Arabia/-)	Brute-Force
Anonymous	2026-04-27 18:32:51 (2 months ago)	Fail2ban filtered ...	Web App Attack
🇳🇱 debestelapp	2026-04-27 15:10:04 (2 months ago)		Web App Attack
🇺🇸 bigwavedave	2026-04-27 11:36:27 (2 months ago)	Wordpress Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 16:59:01 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 142.154.104.34 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 142.154.104.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 12:58:54.511553 2026] [security2:error] [pid 3490:tid 3490] [client 142.154.104.34:59218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 142.154.104.34 (+1 hits since last alert)\|virtualmediamasters.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "virtualmediamasters.net"] [uri "/xmlrpc.php"] [unique_id "ae5EThb0tccAUWgUEwnaiwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-04-26 08:45:09 (2 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-04-26 03:05:13 (2 months ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (63/60 min)'; Requests=63	Port Scan
Anonymous	2026-04-26 02:47:18 (2 months ago)	[redacted] 142.154.104.34 - - [26/Apr/2026:04:46:35 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 142.154.104.34 - - [26/Apr/2026:04:46:35 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site23606157.com" [redacted] 142.154.104.34 - - [26/Apr/2026:04:46:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 142.154.104.34 - - [26/Apr/2026:04:46:56 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.3; http://site60974579.com" [redacted] 142.154.104.34 - - [26/Apr/2026:04:47:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 142.154.104.34 - - [26/Apr/2026:04:47:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" ... show less	Hacking Web App Attack
Anonymous	2026-04-26 02:38:49 (2 months ago)	IP banned by Fail2Ban due to multiple malicious requests on Nginx	Brute-Force SSH Web App Attack
🇺🇸 TPI-Abuse	2026-04-25 15:51:46 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 142.154.104.34 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 142.154.104.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 11:51:39.378053 2026] [security2:error] [pid 13437:tid 13437] [client 142.154.104.34:53857] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 142.154.104.34 (+1 hits since last alert)\|theamarals.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theamarals.com"] [uri "/xmlrpc.php"] [unique_id "aezjC6zWZ6YqPGw0cKBDzgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-04-24 22:33:25 (2 months ago)		Brute-Force Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 216.246.95.186

🇹🇼 211.75.252.252

🇧🇪 198.235.24.238

🇧🇷 187.8.64.94

🇧🇷 177.22.91.42

🇨🇳 112.46.214.34

🇲🇦 105.157.51.102

🇧🇷 102.211.152.138

🇨🇦 85.217.149.12

🇬🇧 74.91.48.31

🇮🇶 65.20.237.175

🇩🇪 45.3.42.217

🇩🇪 37.114.35.120

🇬🇧 35.203.210.229

🇿🇦 197.185.188.131

🇧🇷 179.185.227.77

🇨🇦 85.217.149.74

🇨🇦 85.217.149.51

🇸🇬 47.128.61.239

🇧🇷 45.225.57.114