JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 223.123.42.179

223.123.42.179 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 36%: ?

36%

ISP	CMPak Limited
Usage Type	Fixed Line ISP
ASN	AS138423
Domain Name	zong.com.pk
Country	🇵🇰 Pakistan
City	Islamabad, Islamabad

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 223.123.42.179

Whois 223.123.42.179

IP Abuse Reports for 223.123.42.179:

This IP address has been reported a total of 89 times from 41 distinct sources. 223.123.42.179 was first reported on October 3rd 2024, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-29 03:37:29 (15 hours ago)	Web bot: denial-of-service flood	DDoS Attack Bad Web Bot
🇦🇺 screwlooseit.com.au	2026-06-21 12:21:36 (1 week ago)	Blocked by CSF 13 firewall - Rule: XMLRPC CN/China/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 13:14:05 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 223.123.42.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 223.123.42.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 09:13:57.848847 2026] [security2:error] [pid 20271:tid 20271] [client 223.123.42.179:30848] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 223.123.42.179 (+1 hits since last alert)\|bernsteinip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bernsteinip.com"] [uri "/xmlrpc.php"] [unique_id "ajKdlSob6LUv5Ef8C39RewAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-17 12:41:34 (1 week ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
Anonymous	2026-06-05 06:44:12 (3 weeks ago)	Attac	Brute-Force
Anonymous	2026-05-22 06:27:18 (1 month ago)	223.123.42.179 - - [22/May/2026:08:26:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12. ... show more 223.123.42.179 - - [22/May/2026:08:26:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.5; WordPress/6.4; http://site83979611.com" 223.123.42.179 - - [22/May/2026:08:26:57 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack/12.5; WordPress/6.4; http://site83979611.com" 223.123.42.179 - - [22/May/2026:08:27:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 223.123.42.179 - - [22/May/2026:08:27:06 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by WordPress.com" 223.123.42.179 - - [22/May/2026:08:27:16 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 10:54:38 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 223.123.42.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 223.123.42.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 06:54:32.704412 2026] [security2:error] [pid 25406:tid 25406] [client 223.123.42.179:41380] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 223.123.42.179 (+1 hits since last alert)\|incrp.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "incrp.org"] [uri "/xmlrpc.php"] [unique_id "ag7kaHj4v1PT41Cu3rjDhAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 ger-stg-sifi1	2026-05-20 15:41:24 (1 month ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-05-20 14:29:15 (1 month ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-04-25 13:40:59 (2 months ago)	(mod_security) mod_security (id:240335) triggered by 223.123.42.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 223.123.42.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 09:40:55.682024 2026] [security2:error] [pid 19224:tid 19224] [client 223.123.42.179:5323] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 223.123.42.179 (+1 hits since last alert)\|joeordie.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "joeordie.com"] [uri "/xmlrpc.php"] [unique_id "aezEZ3kcZ2hWzBXzHWV0qwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 QT	2026-04-25 10:22:18 (2 months ago)	Unauthorised WordPress admin login attempted at 2026-04-25 20:22:10 +1000	Web App Attack
🇺🇸 TPI-Abuse	2026-04-05 15:04:20 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 223.123.42.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 223.123.42.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 11:04:14.295808 2026] [security2:error] [pid 10546:tid 10546] [client 223.123.42.179:57945] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|americanacademyofteachersofsinging.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "americanacademyofteachersofsinging.org"] [uri "/wp-json/wp/v2/users"] [unique_id "adJ57siad8EXWw1cexIi-AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-04-05 08:51:45 (2 months ago)	(wordpress) Failed wordpress login from 223.123.42.179 (PK/Pakistan/Punjab/-/-/[redacted]): (CF_ENA ... show more (wordpress) Failed wordpress login from 223.123.42.179 (PK/Pakistan/Punjab/-/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇫🇷 security.rdmc.fr	2026-03-24 04:42:19 (3 months ago)	Port Scan Attack proto:TCP src:50944 dst:23	Port Scan
🇺🇸 MPL	2026-03-24 03:05:52 (3 months ago)	tcp/2323	Port Scan

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇳 196.235.234.200

🇮🇩 163.7.5.228

🇨🇳 223.15.228.240

🇺🇸 207.144.81.53

🇳🇱 199.91.220.206

🇺🇬 196.0.107.2

🇺🇸 192.169.179.77

🇨🇳 182.90.248.108

🇮🇳 115.243.248.82

🇧🇷 200.175.61.207

🇻🇳 171.243.150.146

🇺🇸 156.227.242.107

🇫🇮 147.185.133.157

🇩🇪 147.90.209.6

🇺🇸 136.144.35.24

🇨🇳 117.34.85.168

🇻🇳 103.172.236.15

🇱🇻 31.56.196.120

🇮🇳 27.4.243.33

🇯🇵 160.251.182.78