AbuseIPDB » 95.142.120.134

95.142.120.134 was found in our database!

This IP was reported 440 times. Confidence of Abuse is 44%: ?

44%

ISP	Avast Slovakia s.r.o.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	r-134-120-142-95.consumer-pool.prcdn.net
Domain Name	avast.com
Country	Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 95.142.120.134

Whois 95.142.120.134

IP Abuse Reports for 95.142.120.134:

This IP address has been reported a total of 440 times from 179 distinct sources. 95.142.120.134 was first reported on November 29th 2020, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
VHosting	2025-06-22 22:00:06 (2 hours ago)	Detected attack by Imunify360	Brute-Force Web App Attack
dynamix	2025-06-17 06:03:10 (5 days ago)	Multiple WAF Violations	Web App Attack
mnsf	2025-06-16 08:05:23 (6 days ago)	Too many Status 40X (11)	Brute-Force Web App Attack
WCI-Anti-Abuse	2025-06-14 04:00:53 (1 week ago)	WAF: Rate limit exceeded for XMLRPC DoS (fault code) 2- wsit	Email Spam Brute-Force
TPI-Abuse	2025-06-14 03:58:56 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 95.142.120.134 (r-134-120-142-95.consumer-pool. ... show more(mod_security) mod_security (id:225170) triggered by 95.142.120.134 (r-134-120-142-95.consumer-pool.prcdn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 13 23:58:51.296527 2025] [security2:error] [pid 2756127:tid 2756127] [client 95.142.120.134:2025] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.thefitzgeralds.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.thefitzgeralds.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aEzze7YpuLm5_7jF_DnR4AAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
cmbplf	2025-06-11 05:19:55 (1 week ago)	341 requests with url.path /.well-known/acme-challenge/.php 336 requests with url.path /. ... show more341 requests with url.path /.well-known/acme-challenge/.php 336 requests with url.path /.well-known/pki-validation/.php 101 requests with url.path /wp.php show less	Brute-Force Bad Web Bot
VHosting	2025-06-11 05:00:06 (1 week ago)	Detected attack by Imunify360	Brute-Force Web App Attack
Anonymous	2025-06-11 04:57:57 (1 week ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
paissangroup	2025-06-10 23:47:58 (1 week ago)	Multiple WAF Violations	Web App Attack
SkyDancer	2024-11-18 12:33:13 (7 months ago)	Multiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by ... show moreMultiple login attempts via RDP and/or SSH using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-A show less	Hacking Brute-Force SSH
Take Down Hackers	2024-11-18 12:25:58 (7 months ago)	Application: RDP - Username: ADMINISTRATOR	Hacking Brute-Force
Kimax	2024-10-08 20:02:39 (8 months ago)	RdpGuard detected brute-force attempt on RDP	Brute-Force
pusathosting.com	2024-09-30 06:50:05 (8 months ago)	2ds22 bruteforce	Brute-Force Web App Attack
TPI-Abuse	2024-09-05 15:05:15 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 95.142.120.134 (r-134-120-142-95.consumer-pool. ... show more(mod_security) mod_security (id:210492) triggered by 95.142.120.134 (r-134-120-142-95.consumer-pool.prcdn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 05 11:05:11.212528 2024] [security2:error] [pid 766:tid 766] [client 95.142.120.134:5570] [client 95.142.120.134] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.36"] [uri "/.env"] [unique_id "ZtnIp_SYtbEA6OinxhOkqAAAABI"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Savvii	2024-09-05 13:51:28 (9 months ago)	20 attempts against mh-misbehave-ban on acorn	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 440 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

185.156.73.234

65.49.1.95

177.124.14.189

85.9.20.147

180.254.118.203

14.225.208.16

172.69.86.9

20.98.152.158

103.165.231.131

18.97.5.31

103.186.101.248

211.159.161.243

123.245.84.127

162.142.125.253

193.26.115.243

91.191.209.74

118.102.29.68

147.185.132.72

196.251.67.102

27.254.137.199