JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 103.170.179.20

103.170.179.20 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 75%: ?

75%

ISP	Netpoint IT & Communications Pvt. Ltd
Usage Type	Fixed Line ISP
ASN	AS138926
Hostname(s)	103-170-179-20.npisp.pk
Domain Name	netpoint.pk
Country	🇵🇰 Pakistan
City	Islamabad, Islamabad

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 103.170.179.20

Whois 103.170.179.20

IP Abuse Reports for 103.170.179.20:

This IP address has been reported a total of 42 times from 31 distinct sources. 103.170.179.20 was first reported on January 8th 2024, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-25 18:34:33 (14 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
Anonymous	2026-06-25 15:58:16 (17 hours ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-25 15:27:54 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 103.170.179.20 (103-170-179-20.npisp.pk): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 103.170.179.20 (103-170-179-20.npisp.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:27:47.620994 2026] [security2:error] [pid 17565:tid 17565] [client 103.170.179.20:6357] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.170.179.20 (+1 hits since last alert)\|brbcoin.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "brbcoin.com"] [uri "/xmlrpc.php"] [unique_id "aj1I8wTas7ae09FqqjmI2AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-25 06:45:13 (1 day ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-06-24 23:10:12 (1 day ago)		Bad Web Bot Web App Attack
🇳🇱 ConsulHosting	2026-06-24 22:55:25 (1 day ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇫🇮 bittiguru.fi	2026-06-24 22:53:19 (1 day ago)	103.170.179.20 - [25/Jun/2026:01:53:09 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "Jetpack/12.0; ... show more 103.170.179.20 - [25/Jun/2026:01:53:09 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "Jetpack/12.0; WordPress/6.3; http://site81723410.com" "-" 103.170.179.20 - [25/Jun/2026:01:53:18 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "WordPress.com; https://wordpress.com" "-" ... show less	Hacking Brute-Force Web App Attack
🇫🇮 bittiguru.fi	2026-06-24 22:38:04 (1 day ago)	103.170.179.20 - [25/Jun/2026:01:37:54 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "Jetpack by Wo ... show more 103.170.179.20 - [25/Jun/2026:01:37:54 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" "-" 103.170.179.20 - [25/Jun/2026:01:38:04 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "Jetpack/12.0; WordPress/6.1; http://site82249240.com" "-" ... show less	Hacking Brute-Force Web App Attack
🇺🇸 Jason Howell	2026-06-24 18:15:33 (1 day ago)	103.170.179.20 - - [24/Jun/2026:18:01:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Jetpack by ... show more 103.170.179.20 - - [24/Jun/2026:18:01:16 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Jetpack by WordPress.com" 103.170.179.20 - - [24/Jun/2026:18:03:21 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Jetpack/12.0; WordPress/6.3; http://site56087137.com" 103.170.179.20 - - [24/Jun/2026:18:05:29 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4760 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" 103.170.179.20 - - [24/Jun/2026:18:12:40 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Jetpack by WordPress.com" 103.170.179.20 - - [24/Jun/2026:18:15:32 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" ... show less	Web App Attack
Anonymous	2026-06-24 18:02:15 (1 day ago)	[redacted] 103.170.179.20 - - [24/Jun/2026:20:01:31 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 103.170.179.20 - - [24/Jun/2026:20:01:31 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" [redacted] 103.170.179.20 - - [24/Jun/2026:20:01:41 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.2; http://site37947460.com" [redacted] 103.170.179.20 - - [24/Jun/2026:20:01:52 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 103.170.179.20 - - [24/Jun/2026:20:02:02 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" [redacted] 103.170.179.20 - - [24/Jun/2026:20:02:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-06-24 16:44:11 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-22 22:12:04 (3 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇫🇷 Kenshin869	2026-06-14 05:57:42 (1 week ago)	Wordpress unauthorized access attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 05:01:27 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 103.170.179.20 (103-170-179-20.npisp.pk): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 103.170.179.20 (103-170-179-20.npisp.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 01:01:20.522298 2026] [security2:error] [pid 23696:tid 23696] [client 103.170.179.20:59412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 103.170.179.20 (+1 hits since last alert)\|emsystemsltd.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "emsystemsltd.com"] [uri "/xmlrpc.php"] [unique_id "ai41oNeOSmob97H73EutjgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-14 04:55:47 (1 week ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 128.199.216.54

🇬🇧 193.163.125.253

🇩🇪 172.104.240.27

🇰🇷 125.142.37.91

🇺🇸 68.178.206.62

🇳🇱 45.148.10.157

🇺🇸 195.184.76.176

🇫🇷 194.163.142.76

🇩🇪 172.121.16.137

🇺🇸 66.132.186.166

🇳🇱 45.142.193.35

🇫🇮 45.87.249.146

🇸🇰 37.9.175.195

🇸🇬 20.157.117.15

🇺🇸 20.14.87.238

🇺🇸 162.216.150.136

🇫🇷 91.231.89.213

🇷🇺 79.139.163.55

🇺🇸 68.8.49.252

🇭🇰 47.83.120.22