JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 170.246.120.58

170.246.120.58 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 48%: ?

48%

ISP	Net Flex Ltda ME
Usage Type	Fixed Line ISP
ASN	AS52794
Hostname(s)	120-246-170-58.netflexisp.com.br
Domain Name	netflexisp.com.br
Country	🇧🇷 Brazil
City	Duque de Caxias, Rio de Janeiro

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 170.246.120.58

Whois 170.246.120.58

IP Abuse Reports for 170.246.120.58:

This IP address has been reported a total of 13 times from 10 distinct sources. 170.246.120.58 was first reported on December 20th 2020, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 00:11:43 (2 hours ago)	(mod_security) mod_security (id:240335) triggered by 170.246.120.58 (120-246-170-58.netflexisp.com.b ... show more (mod_security) mod_security (id:240335) triggered by 170.246.120.58 (120-246-170-58.netflexisp.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 20:11:36.953087 2026] [security2:error] [pid 4969:tid 4969] [client 170.246.120.58:48510] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 170.246.120.58 (+1 hits since last alert)\|ashwoodsecurity.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ashwoodsecurity.com"] [uri "/xmlrpc.php"] [unique_id "ai9DOARnDWrCrmGFFpVVcQAAACM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 18:31:31 (8 hours ago)	[redacted] 170.246.120.58 - - [14/Jun/2026:20:30:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" " ... show more [redacted] 170.246.120.58 - - [14/Jun/2026:20:30:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" [redacted] 170.246.120.58 - - [14/Jun/2026:20:30:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" [redacted] 170.246.120.58 - - [14/Jun/2026:20:31:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" [redacted] 170.246.120.58 - - [14/Jun/2026:20:31:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" [redacted] 170.246.120.58 - - [14/Jun/2026:20:31:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.1; WordPress/6.2; http://site66974016.com" ... show less	Hacking Web App Attack
🇫🇷 masterguru	2026-06-14 08:04:31 (18 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
Anonymous	2026-06-13 21:10:50 (1 day ago)	[redacted] 170.246.120.58 - - [13/Jun/2026:23:10:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 170.246.120.58 - - [13/Jun/2026:23:10:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 170.246.120.58 - - [13/Jun/2026:23:10:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" [redacted] 170.246.120.58 - - [13/Jun/2026:23:10:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 170.246.120.58 - - [13/Jun/2026:23:10:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 170.246.120.58 - - [13/Jun/2026:23:10:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇩🇪 rh24	2026-06-13 20:09:56 (1 day ago)	(wordpress) Failed wordpress login from 170.246.120.58 (BR/Brazil/120-246-170-58.netflexisp.com.br): ... show more (wordpress) Failed wordpress login from 170.246.120.58 (BR/Brazil/120-246-170-58.netflexisp.com.br): (CF_ENABLE) show less	Brute-Force
🇫🇷 dynamix	2026-06-13 11:57:37 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-10 20:47:33 (4 days ago)	[redacted] 170.246.120.58 - - [10/Jun/2026:22:46:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ... show more [redacted] 170.246.120.58 - - [10/Jun/2026:22:46:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.1; http://site22562855.com" [redacted] 170.246.120.58 - - [10/Jun/2026:22:47:00 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.1; http://site59476362.com" [redacted] 170.246.120.58 - - [10/Jun/2026:22:47:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site98841427.com" [redacted] 170.246.120.58 - - [10/Jun/2026:22:47:20 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 170.246.120.58 - - [10/Jun/2026:22:47:31 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" ... show less	Hacking Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-09 03:06:57 (5 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC BR/Brazil/120-246-170-58.netflexisp.com.br	Web App Attack
🇳🇱 wlt-blocker	2026-06-09 02:37:05 (5 days ago)	Unauthorized access to webpage admin	Web App Attack
🇧🇷 felipeforte	2025-08-28 01:32:45 (9 months ago)	Part of a massive DDoS/scraping botnet	DDoS Attack Bad Web Bot
🇬🇷 gbetsis	2024-01-30 22:02:36 (2 years ago)	TCP Port Scanning	Port Scan Exploited Host
🇬🇷 gbetsis	2024-01-20 17:16:55 (2 years ago)	TCP Port Scanning	Port Scan Exploited Host
🇺🇸 IrisFlower	2020-12-20 04:56:49 (5 years ago)	Unauthorized connection attempt detected from IP address 170.246.120.58 to port 80	Hacking

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 210.10.76.113

🇬🇧 193.163.125.170

🇫🇮 178.20.210.208

🇧🇼 168.167.228.74

🇬🇧 88.97.206.181

🇨🇦 34.130.152.241

🇩🇪 31.18.250.126

🇺🇸 24.105.248.218

🇱🇹 194.165.16.162

🇲🇳 180.149.125.207

🇳🇱 178.16.54.74

🇳🇱 176.65.139.205

🇺🇸 147.185.132.111

🇩🇪 134.122.65.130

🇨🇳 101.67.138.112

🇬🇪 91.239.206.123

🇮🇹 78.134.49.171

🇸🇪 74.241.134.117

🇩🇪 69.5.169.120

🇮🇶 65.20.179.251