JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.125.150.41

154.125.150.41 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 48%: ?

48%

ISP	SONATEL Societe Nationale Des Telecommunications Du Senegal
Usage Type	Fixed Line ISP
ASN	AS8346
Domain Name	sonatel.sn
Country	🇸🇳 Senegal
City	Dakar, Dakar

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.125.150.41

Whois 154.125.150.41

IP Abuse Reports for 154.125.150.41:

This IP address has been reported a total of 16 times from 7 distinct sources. 154.125.150.41 was first reported on June 15th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-19 19:04:07 (1 day ago)	[ssd5.kdns.gr] httpd-xmlrpc-post: sites=goingkoi.com.cy; logs=/var/log/httpd/domains/goingkoi.com.cy ... show more [ssd5.kdns.gr] httpd-xmlrpc-post: sites=goingkoi.com.cy; logs=/var/log/httpd/domains/goingkoi.com.cy.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 16:52:51 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:52:44.416770 2026] [security2:error] [pid 14717:tid 14737] [client 154.125.150.41:64694] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.125.150.41 (+1 hits since last alert)\|datuinc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "datuinc.com"] [uri "/xmlrpc.php"] [unique_id "ajVz3MF3MWG7uIUa8AbuDwAAAIs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-19 16:51:47 (1 day ago)	(wordpress) Failed wordpress login from 154.125.150.41 (SN/Senegal/-)	Brute-Force
Anonymous	2026-06-19 13:16:01 (1 day ago)	[redacted] 154.125.150.41 - - [19/Jun/2026:15:15:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 154.125.150.41 - - [19/Jun/2026:15:15:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)" [redacted] 154.125.150.41 - - [19/Jun/2026:15:15:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 154.125.150.41 - - [19/Jun/2026:15:15:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" [redacted] 154.125.150.41 - - [19/Jun/2026:15:15:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 154.125.150.41 - - [19/Jun/2026:15:15:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇩🇪 LRob.fr	2026-06-19 11:00:08 (1 day ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 15:15:15 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 11:15:11.680402 2026] [security2:error] [pid 8244:tid 8244] [client 154.125.150.41:54914] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.125.150.41 (+1 hits since last alert)\|edgebiopharma.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edgebiopharma.com"] [uri "/xmlrpc.php"] [unique_id "ajQLf6l2ZCvN4fyf9YdbrwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 13:02:19 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 09:02:13.260635 2026] [security2:error] [pid 19416:tid 19416] [client 154.125.150.41:55629] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.125.150.41 (+1 hits since last alert)\|walkercline.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "walkercline.com"] [uri "/xmlrpc.php"] [unique_id "ajPsVQi7TZP1UcVzsgN9AAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 12:29:53 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 08:29:45.705831 2026] [security2:error] [pid 32298:tid 32298] [client 154.125.150.41:60317] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.125.150.41 (+1 hits since last alert)\|globalsolutions.technology\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globalsolutions.technology"] [uri "/xmlrpc.php"] [unique_id "ajPkuXj_g8N4boJ3tE2KNwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 09:46:38 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 05:46:30.671542 2026] [security2:error] [pid 20150:tid 20150] [client 154.125.150.41:60489] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.125.150.41 (+1 hits since last alert)\|doublenaughtspycar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doublenaughtspycar.com"] [uri "/xmlrpc.php"] [unique_id "ajO-dnrhVtCHFE1Ovhju7wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 11:49:59 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 07:49:53.739888 2026] [security2:error] [pid 14190:tid 14190] [client 154.125.150.41:57215] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.125.150.41 (+1 hits since last alert)\|richmondrents.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "richmondrents.com"] [uri "/xmlrpc.php"] [unique_id "ajKJ4QsvtjQBasqQnICONwAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 10:18:31 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 06:18:26.477181 2026] [security2:error] [pid 10774:tid 10774] [client 154.125.150.41:63625] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.125.150.41 (+1 hits since last alert)\|cubbylure.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cubbylure.com"] [uri "/xmlrpc.php"] [unique_id "ajJ0crQ8gnqu3qdeY8TSpwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 polycoda	2026-06-16 13:34:38 (4 days ago)	AutoBlock: 🔐 WordPress Login Brute Force (20X or 30X) (Decay-Based)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 12:22:59 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 08:22:53.939253 2026] [security2:error] [pid 549:tid 549] [client 154.125.150.41:60166] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mrflatpeople.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mrflatpeople.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajFAHQC8mD60qUa5rh0nEgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-15 18:24:58 (5 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:56:48 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 154.125.150.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:56:43.693686 2026] [security2:error] [pid 22128:tid 22144] [client 154.125.150.41:58843] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.125.150.41 (+1 hits since last alert)\|jimlawrencesongs.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jimlawrencesongs.com"] [uri "/xmlrpc.php"] [unique_id "ajAuy9O1f0LFAhtn4ut9JQAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 211.75.210.109

🇺🇸 205.210.31.95

🇺🇸 205.210.31.54

🇺🇸 205.210.31.50

🇳🇱 185.107.80.93

🇨🇦 178.128.225.188

🇩🇪 165.22.19.53

🇩🇪 151.243.11.248

🇮🇳 122.177.242.181

🇨🇭 107.189.12.157

🇨🇳 106.74.16.60

🇭🇰 47.242.105.178

🇺🇸 35.141.168.69

🇶🇦 23.248.180.37

🇺🇸 205.210.31.47

🇺🇸 205.210.31.46

🇦🇪 165.154.12.82

🇺🇸 162.216.150.7

🇺🇸 150.107.38.138

🇧🇷 131.100.242.102