JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.192.21.70

154.192.21.70 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 53%: ?

53%

ISP	Nayatel Private Limited
Usage Type	Fixed Line ISP
ASN	AS23674
Domain Name	nayatel.com
Country	🇵🇰 Pakistan
City	Islamabad, Islamabad

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.192.21.70

Whois 154.192.21.70

IP Abuse Reports for 154.192.21.70:

This IP address has been reported a total of 13 times from 8 distinct sources. 154.192.21.70 was first reported on June 6th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇾 Rizzy	2026-06-11 01:36:58 (3 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 22:42:52 (6 hours ago)	(mod_security) mod_security (id:240335) triggered by 154.192.21.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 154.192.21.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 18:42:46.375696 2026] [security2:error] [pid 1965:tid 1965] [client 154.192.21.70:55258] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.192.21.70 (+1 hits since last alert)\|tcomputerguy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tcomputerguy.com"] [uri "/xmlrpc.php"] [unique_id "ainoZv_SSXdJPycZ0rWVfwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Teufel100	2026-06-10 18:04:58 (11 hours ago)	Brutforceangriff auf /xmlrpc.php	Brute-Force Hacking Web App Attack
🇩🇪 4server	2026-06-10 14:22:19 (14 hours ago)	[WedJun1016:22:17.4077602026][security2:error][pid485845:tid485916][client154.192.21.70:0]ModSecurit ... show more [WedJun1016:22:17.4077602026][security2:error][pid485845:tid485916][client154.192.21.70:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"domoticaswiss.ch\"][uri\"/xmlrpc.php\"][unique_id\"ailzGcV78j6EwIfG50f5DgAAAII\"] show less	Port Scan Brute-Force Web App Attack
🇳🇱 ConsulHosting	2026-06-10 12:55:00 (16 hours ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇺🇸 integrantservices.com	2026-06-10 12:07:20 (17 hours ago)	(wordpress) Failed wordpress login from 154.192.21.70 (PK/Pakistan/-)	Brute-Force
Anonymous	2026-06-09 11:54:40 (1 day ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 10:03:49 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 154.192.21.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 154.192.21.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 06:03:43.912949 2026] [security2:error] [pid 27930:tid 27930] [client 154.192.21.70:55894] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.192.21.70 (+1 hits since last alert)\|bonesband.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bonesband.com"] [uri "/xmlrpc.php"] [unique_id "aifk_8CXcOwpCzeYjpRCvQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-06-09 07:33:12 (1 day ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 01:00:09 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 154.192.21.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 154.192.21.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 21:00:03.328326 2026] [security2:error] [pid 3250:tid 3250] [client 154.192.21.70:55582] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.192.21.70 (+1 hits since last alert)\|maffiniandbearce.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "maffiniandbearce.com"] [uri "/xmlrpc.php"] [unique_id "aidlk9AAzJMgDGUh4-J9wQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-08 12:39:52 (2 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 11:13:10 (4 days ago)	(mod_security) mod_security (id:240335) triggered by 154.192.21.70 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 154.192.21.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 07:13:05.094257 2026] [security2:error] [pid 8597:tid 8597] [client 154.192.21.70:56299] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 154.192.21.70 (+1 hits since last alert)\|medusakenya.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "medusakenya.com"] [uri "/xmlrpc.php"] [unique_id "aiQAwRyHUWpLF_ksVeoiPwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-06 11:10:16 (4 days ago)	Attac	Brute-Force

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.176.29.22

🇮🇳 182.95.185.74

🇮🇳 152.52.246.94

🇵🇪 149.34.48.186

🇺🇸 147.185.132.223

🇳🇱 82.21.7.232

🇺🇸 64.62.197.24

🇬🇧 35.203.211.246

🇨🇦 172.70.80.185

🇮🇳 122.187.249.88

🇹🇼 111.70.32.11

🇷🇺 87.250.9.98

🇰🇷 61.76.112.4

🇧🇷 45.5.102.93

🇬🇧 35.203.210.122

🇹🇷 31.145.131.202

🇺🇸 198.7.56.121

🇩🇪 185.242.3.173

🇫🇷 185.194.216.197

🇧🇷 179.125.157.171