JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 58.169.53.244

58.169.53.244 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 74%: ?

74%

ISP	Telstra Limited
Usage Type	Fixed Line ISP
ASN	AS1221
Hostname(s)	cpe-58-169-53-244.wb02.wa.asp.telstra.net
Domain Name	telstra.net
Country	🇦🇺 Australia
City	Perth, Western Australia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 58.169.53.244

Whois 58.169.53.244

IP Abuse Reports for 58.169.53.244:

This IP address has been reported a total of 15 times from 14 distinct sources. 58.169.53.244 was first reported on June 2nd 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 screwlooseit.com.au	2026-06-13 07:43:46 (7 hours ago)	Blocked by CSF 13 firewall - Rule: XMLRPC AU/Australia/cpe-58-169-53-244.wb02.wa.asp.telstra.net	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 16:27:55 (1 day ago)	(mod_security) mod_security (id:225170) triggered by 58.169.53.244 (cpe-58-169-53-244.wb02.wa.asp.te ... show more (mod_security) mod_security (id:225170) triggered by 58.169.53.244 (cpe-58-169-53-244.wb02.wa.asp.telstra.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 12:27:49.813966 2026] [security2:error] [pid 22899:tid 22899] [client 58.169.53.244:62895] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|shelbysmoak.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "shelbysmoak.com"] [uri "/wp-json/wp/v2/users"] [unique_id "airiBQLX4WNwpZgm_ohaogAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 lnklnx	2026-06-11 12:01:08 (2 days ago)	www.lincolnclan.com:443 58.169.53.244 - - [11/Jun/2026:07:01:06 -0500] "POST /xmlrpc.php HTTP/1.1" 4 ... show more www.lincolnclan.com:443 58.169.53.244 - - [11/Jun/2026:07:01:06 -0500] "POST /xmlrpc.php HTTP/1.1" 401 3875 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/83.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 koinkash.org	2026-06-11 11:20:36 (2 days ago)	They are fraudulent. Malicious threat actor requesting php file /xmlrpc.php	Web App Attack
🇫🇷 dynamix	2026-06-11 04:46:14 (2 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-10 08:09:46 (3 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC AU/Australia/cpe-58-169-53-244.wb02.wa.asp.telstra.net	Web App Attack
🇳🇱 MM-bot	2026-06-10 02:07:32 (3 days ago)	URL-probe: HTTP/1.1 POST request on /xmlrpc.php (2026-06-10 04:07:32 UTC+2)	Web App Attack Hacking
Anonymous	2026-06-09 07:40:03 (4 days ago)	Web App Attack, Hacking	Hacking Web App Attack
🇩🇪 rh24	2026-06-08 13:53:24 (5 days ago)	(xmlrpc_405) XMLRPC-Bot 405 58.169.53.244 (AU/Australia/cpe-58-169-53-244.wb02.wa.asp.telstra.net)	Hacking
🇩🇪 grassau.com	2026-06-05 17:11:58 (1 week ago)	(wordpress) Failed wordpress login from 58.169.53.244 (AU/Australia/Western Australia/Perth/cpe-58-1 ... show more (wordpress) Failed wordpress login from 58.169.53.244 (AU/Australia/Western Australia/Perth/cpe-58-169-53-244.wb02.wa.asp.telstra.net) show less	Brute-Force
🇨🇭 4server	2026-06-04 02:59:46 (1 week ago)	[ThuJun0404:59:43.3043492026][security2:error][pid2076702:tid2076999][client58.169.53.244:0]ModSecur ... show more [ThuJun0404:59:43.3043492026][security2:error][pid2076702:tid2076999][client58.169.53.244:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"verticalti.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiDqH9Np3eT8D7zNseDo1AAAAM4\"] show less	Hacking Web App Attack
🇩🇪 Marc	2026-06-03 13:50:35 (1 week ago)	58.169.53.244 - - [03/Jun/2026:15:46:20 +0200] "POST /xmlrpc.php HTTP/1.1" 403 2997 "-" "Mozilla/5.0 ... show more 58.169.53.244 - - [03/Jun/2026:15:46:20 +0200] "POST /xmlrpc.php HTTP/1.1" 403 2997 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/95.0.0.0 Safari/537.36" 58.169.53.244 - - [03/Jun/2026:15:49:50 +0200] "POST /xmlrpc.php HTTP/1.1" 403 2997 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/85.0.0.0 Safari/537.36" 58.169.53.244 - - [03/Jun/2026:15:50:34 +0200] "POST /xmlrpc.php HTTP/1.1" 403 2998 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇳🇱 wlt-blocker	2026-06-03 09:47:48 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇸🇪 vaia.cloud	2026-06-03 04:33:01 (1 week ago)	trying wp-login.php/xmlrpc.php 30 times in 1 minutes	Brute-Force Web App Attack
🇫🇮 inlink.ltd	2026-06-02 06:42:01 (1 week ago)	Known malicious PHP file or CMS probe	Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.202.112.246

🇩🇪 144.31.196.42

🇲🇰 92.53.24.123

🇷🇴 80.94.92.167

🇨🇳 61.171.95.18

🇨🇳 140.143.151.75

🇸🇬 103.250.11.176

🇳🇱 89.248.167.131

🇨🇳 58.209.234.84

🇸🇬 47.237.119.90

🇳🇱 45.148.10.151

🇬🇧 35.203.210.97

🇺🇸 2602:fb54:1a00::77

🇧🇷 201.150.158.86

🇨🇳 182.54.23.208

🇻🇳 171.231.197.106

🇸🇬 152.42.227.173

🇧🇷 147.15.20.173

🇨🇳 116.132.61.50

🇮🇳 103.250.149.148