JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.158.64.51

119.158.64.51 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 67%: ?

67%

ISP	IPTV
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Peshawar, Khyber Pakhtunkhwa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.158.64.51

Whois 119.158.64.51

IP Abuse Reports for 119.158.64.51:

This IP address has been reported a total of 26 times from 15 distinct sources. 119.158.64.51 was first reported on June 1st 2026, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 konseptit	2026-06-30 11:08:21 (5 hours ago)	(wordpress) Failed wordpress login from 119.158.64.51 (PK/Pakistan/-)	Brute-Force
🇳🇱 Site.eu	2026-06-28 06:31:27 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-28 04:06:51 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:06:47.025382 2026] [security2:error] [pid 10409:tid 10409] [client 119.158.64.51:64486] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.158.64.51 (+1 hits since last alert)\|stoughtonpipeandwelding.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stoughtonpipeandwelding.net"] [uri "/xmlrpc.php"] [unique_id "akCd12c6HoYQi6ubWym2DgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 OceanTreasure	2026-06-27 10:47:23 (3 days ago)	tcp/443; WordPress XML-RPC brute force attempt: "POST /xmlrpc.php" @ 2026-06-27T10:42:01Z [proxy]	Brute-Force
🇺🇸 Jason Howell	2026-06-25 10:05:10 (5 days ago)	119.158.64.51 - - [25/Jun/2026:09:55:20 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Jetpack/13. ... show more 119.158.64.51 - - [25/Jun/2026:09:55:20 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Jetpack/13.0; WordPress/6.1; http://site75981873.com" 119.158.64.51 - - [25/Jun/2026:09:57:45 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4760 "-" "Jetpack by WordPress.com" 119.158.64.51 - - [25/Jun/2026:09:59:59 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4758 "-" "WordPress.com; https://wordpress.com" 119.158.64.51 - - [25/Jun/2026:10:02:58 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4758 "-" "Jetpack by WordPress.com" 119.158.64.51 - - [25/Jun/2026:10:05:09 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4759 "-" "Jetpack by WordPress.com" ... show less	Web App Attack
🇺🇸 TAY	2026-06-25 09:26:27 (5 days ago)	119.158.64.51 - - [25/Jun/2026:17:25:45 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5867 "-" "WordPress.c ... show more 119.158.64.51 - - [25/Jun/2026:17:25:45 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5867 "-" "WordPress.com; https://wordpress.com" 119.158.64.51 - - [25/Jun/2026:17:25:57 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5867 "-" "WordPress.com; https://wordpress.com" 119.158.64.51 - - [25/Jun/2026:17:26:26 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5867 "-" "WordPress.com; https://wordpress.com" ... show less	Brute-Force
🇩🇪 rh24	2026-06-24 10:08:27 (6 days ago)	(xmlrpc_405) XMLRPC-Bot 405 119.158.64.51 (PK/Pakistan/-)	Hacking
Anonymous	2026-06-23 09:58:10 (1 week ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-19 10:07:16 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 06:07:09.277358 2026] [security2:error] [pid 27002:tid 27002] [client 119.158.64.51:63398] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.158.64.51 (+1 hits since last alert)\|globaldentalservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "ajUUzfq0bTvo6zBtvu2JHQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 09:06:02 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 05:05:57.746002 2026] [security2:error] [pid 17983:tid 17983] [client 119.158.64.51:49527] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.158.64.51 (+1 hits since last alert)\|medusakenya.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "medusakenya.com"] [uri "/xmlrpc.php"] [unique_id "ajUGdbNjlhyvs9Lc1xHPIAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-17 11:36:08 (1 week ago)	Blocked by CSF 13 firewall - Rule: XMLRPC PK/Pakistan/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 06:20:43 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:20:37.036105 2026] [security2:error] [pid 14640:tid 14667] [client 119.158.64.51:62623] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.158.64.51 (+1 hits since last alert)\|munatseng.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "munatseng.org"] [uri "/xmlrpc.php"] [unique_id "aiz2tccqBJuzcDTbjDjm6wAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-12 12:31:10 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-12 12:02:09 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 119.158.64.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 08:02:02.105515 2026] [security2:error] [pid 25073:tid 25073] [client 119.158.64.51:65438] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.158.64.51 (+1 hits since last alert)\|bamedica.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bamedica.com"] [uri "/xmlrpc.php"] [unique_id "aiv1OgR9V8UBWez5vnwy5gAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-12 11:38:26 (2 weeks ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)	Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 103.25.81.131

🇪🇸 79.72.57.232

🇮🇩 180.247.179.206

🇺🇸 162.216.150.127

🇺🇸 162.216.149.96

🇬🇧 154.16.44.212

🇨🇴 152.200.205.179

🇺🇸 152.32.149.47

🇻🇳 123.25.216.177

🇮🇳 103.207.9.246

🇮🇳 103.91.246.73

🇨🇦 85.217.149.38

🇬🇧 35.203.211.85

🇨🇦 165.22.225.218

🇩🇪 141.95.34.214

🇺🇸 136.107.9.249

🇳🇱 91.92.40.7

🇵🇱 84.40.233.156

🇺🇸 66.94.117.226

🇳🇱 20.23.229.100