AbuseIPDB » 95.142.120.19

95.142.120.19 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 37%: ?

37%

ISP	Avast Slovakia s.r.o.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	r-19-120-142-95.consumer-pool.prcdn.net
Domain Name	avast.com
Country	Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 95.142.120.19

Whois 95.142.120.19

IP Abuse Reports for 95.142.120.19:

This IP address has been reported a total of 44 times from 30 distinct sources. 95.142.120.19 was first reported on May 26th 2021, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
Study Bitcoin 🤗	2025-06-13 00:12:18 (7 hours ago)	2 port probes: 2x tcp/80 (http) [srv124]	Port Scan Bad Web Bot Web App Attack
dynamix	2025-06-12 00:26:28 (1 day ago)	Multiple WAF Violations	Web App Attack
Jason Howell	2025-06-12 00:23:34 (1 day ago)	95.142.120.19 - - [11/Jun/2025:19:23:05 -0500] "GET /wp-admin/images/wp-login.php HTTP/1.1" 301 610 ... show more95.142.120.19 - - [11/Jun/2025:19:23:05 -0500] "GET /wp-admin/images/wp-login.php HTTP/1.1" 301 610 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:76.0) Gecko/20100101 Firefox/76.0" 95.142.120.19 - - [11/Jun/2025:19:23:17 -0500] "GET /wp-includes/fonts/wp-login.php HTTP/1.1" 301 614 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0" 95.142.120.19 - - [11/Jun/2025:19:23:23 -0500] "GET /wp-includes/IXR/wp-login.php HTTP/1.1" 301 610 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" 95.142.120.19 - - [11/Jun/2025:19:23:27 -0500] "GET /xmlrpc.php HTTP/1.1" 301 574 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" 95.142.120.19 - - [11/Jun/2025:19:23:34 -0500] "GET /wp-login.php HTTP/1.1" 301 578 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74. ... show less	Web App Attack
cmbplf	2025-06-10 21:26:48 (2 days ago)	258 requests with url.path /.well-known/acme-challenge/.php 245 requests with url.path /. ... show more258 requests with url.path /.well-known/acme-challenge/.php 245 requests with url.path /.well-known/pki-validation/*.php show less	Brute-Force Bad Web Bot
mondor.ro	2025-06-10 20:29:35 (2 days ago)	Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 95.142.120.19, Reason: ... show moreCluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 95.142.120.19, Reason:[(shell) SHELL shell.php Attack 95.142.120.19 (SK/Slovakia/r-19-120-142-95.consumer-pool.prcdn.net): 3 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs: show less	Port Scan
VHosting	2025-06-10 04:30:06 (3 days ago)	Detected attack by Imunify360	Brute-Force Web App Attack
dynamix	2025-06-10 04:27:40 (3 days ago)	Multiple WAF Violations	Web App Attack
Dmitriy Erokhin	2025-05-21 22:30:02 (3 weeks ago)		Brute-Force
quicksand	2025-04-08 18:50:23 (2 months ago)	Malicious URI path [GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php] [python-requests/2.32.3 ... show moreMalicious URI path [GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php] [python-requests/2.32.3] show less	Bad Web Bot Web App Attack
Burayot	2025-04-08 05:24:46 (2 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 95.142.120.19 (SK/Slovakia/r-19-120 ... show moreLF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 95.142.120.19 (SK/Slovakia/r-19-120-142-95.consumer-pool.prcdn.net): 1 in the last 3600 secs show less	Web App Attack
mawan	2025-04-08 02:10:20 (2 months ago)	Suspected of having performed illicit activity on AMS server.	Web App Attack
Anonymous	2025-04-07 17:53:35 (2 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-07 11:31:39 (2 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_MODSEC	Brute-Force SSH
zam	2025-04-07 08:02:51 (2 months ago)	95.142.120.19 - - [07/Apr/2025:08:02:48 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin. ... show more95.142.120.19 - - [07/Apr/2025:08:02:48 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 74886 show less	Web App Attack
mawan	2025-04-07 07:59:23 (2 months ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack

Showing 1 to 15 of 44 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

117.203.143.68

66.228.42.118

151.238.11.132

198.235.24.231

87.121.84.26

35.203.210.59

83.234.201.217

117.209.36.169

80.94.95.228

18.117.57.162

193.32.162.151

59.99.137.202

14.45.14.157

220.178.8.154

34.23.136.225

170.187.248.20

47.79.204.175

103.153.93.236

116.110.73.67

182.120.114.60