JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.155.129.138

119.155.129.138 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 64%: ?

64%

ISP	Pakistan Telecommunication Company Limited
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.com.pk
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.155.129.138

Whois 119.155.129.138

IP Abuse Reports for 119.155.129.138:

This IP address has been reported a total of 17 times from 11 distinct sources. 119.155.129.138 was first reported on June 4th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 13:42:03 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 09:42:00.679061 2026] [security2:error] [pid 1283:tid 1283] [client 119.155.129.138:49685] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.155.129.138 (+1 hits since last alert)\|allotrope.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "allotrope.com"] [uri "/xmlrpc.php"] [unique_id "aibGqFbELEC8SeU7Kni1FgAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-08 13:40:58 (3 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-08 11:29:05 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:28:59.808590 2026] [security2:error] [pid 14259:tid 14259] [client 119.155.129.138:54878] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.155.129.138 (+1 hits since last alert)\|nordicbuilders.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nordicbuilders.net"] [uri "/xmlrpc.php"] [unique_id "aianex1VsWensgIwTnk-nAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-08 10:59:45 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 07:04:39 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:04:31.009353 2026] [security2:error] [pid 19167:tid 19167] [client 119.155.129.138:51282] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.155.129.138 (+1 hits since last alert)\|fivecentmiracle.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fivecentmiracle.com"] [uri "/xmlrpc.php"] [unique_id "aiZpfyL82btIiHosT2gaTQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 06:02:43 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:02:39.489261 2026] [security2:error] [pid 5393:tid 5500] [client 119.155.129.138:58791] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.155.129.138 (+1 hits since last alert)\|bortec-corp.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bortec-corp.com"] [uri "/xmlrpc.php"] [unique_id "aiZa_0xEExW1ur7G1ifoOwAAANE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-07 15:30:10 (4 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC PK/Pakistan/-	Web App Attack
🇩🇪 grassau.com	2026-06-07 14:30:04 (4 days ago)	(wordpress) Failed wordpress login from 119.155.129.138 (PK/Pakistan/Punjab/Lahore/-)	Brute-Force
🇩🇪 dbmwebdesign	2026-06-07 12:50:19 (4 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇫🇮 YF	2026-06-07 09:00:34 (4 days ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇫🇷 masterguru	2026-06-05 15:25:48 (6 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
Anonymous	2026-06-05 14:08:17 (6 days ago)	Attac	Brute-Force
Anonymous	2026-06-05 11:55:37 (6 days ago)	[redacted] 119.155.129.138 - - [05/Jun/2026:13:54:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ... show more [redacted] 119.155.129.138 - - [05/Jun/2026:13:54:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 119.155.129.138 - - [05/Jun/2026:13:55:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 119.155.129.138 - - [05/Jun/2026:13:55:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 119.155.129.138 - - [05/Jun/2026:13:55:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 119.155.129.138 - - [05/Jun/2026:13:55:36 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 09:47:34 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 05:47:27.485612 2026] [security2:error] [pid 1054:tid 1054] [client 119.155.129.138:60784] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.155.129.138 (+1 hits since last alert)\|talentstar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "talentstar.com"] [uri "/xmlrpc.php"] [unique_id "aiKbL5xvz7f_LW-AWK8I8QAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 09:32:12 (6 days ago)	(mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:240335) triggered by 119.155.129.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 05:32:06.075958 2026] [security2:error] [pid 991:tid 991] [client 119.155.129.138:49481] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.155.129.138 (+1 hits since last alert)\|tarekshohaieb.online\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tarekshohaieb.online"] [uri "/xmlrpc.php"] [unique_id "aiKXlgC1cMqvnw8T3XItGAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.101

🇺🇸 147.185.132.65

🇭🇰 103.81.168.2

🇬🇧 35.203.210.6

🇵🇱 195.116.145.127

🇬🇧 193.163.125.101

🇨🇴 191.97.12.90

🇲🇽 187.191.48.24

🇺🇸 172.93.106.153

🇫🇷 91.231.89.128

🇫🇷 91.231.89.14

🇨🇦 85.217.149.5

🇺🇸 38.145.199.204

🇺🇸 35.255.146.139

🇺🇸 205.210.31.76

🇳🇱 185.226.197.62

🇺🇸 162.216.150.225

🇫🇮 147.185.133.9

🇬🇧 35.203.210.34

🇰🇷 182.31.36.218