JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 58.65.130.58

58.65.130.58 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 37%: ?

37%

ISP	Nayatel (Pvt) Ltd
Usage Type	Fixed Line ISP
ASN	AS23674
Hostname(s)	mbl-65-130-58.dsl.net.pk
Domain Name	nayatel.com
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 58.65.130.58

Whois 58.65.130.58

IP Abuse Reports for 58.65.130.58:

This IP address has been reported a total of 17 times from 11 distinct sources. 58.65.130.58 was first reported on February 23rd 2026, and the most recent report was 23 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 netclix.gr	2026-06-15 07:20:27 (23 hours ago)	(wordpress) Failed wordpress login from 58.65.130.58 (PK/Pakistan/mbl-65-130-58.dsl.net.pk): (CF_EN ... show more (wordpress) Failed wordpress login from 58.65.130.58 (PK/Pakistan/mbl-65-130-58.dsl.net.pk): (CF_ENABLE) show less	Brute-Force
🇫🇷 dynamix	2026-06-15 07:20:24 (23 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-12 11:14:04 (3 days ago)	[server.tmg.gr] httpd-xmlrpc-post: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019.gr. ... show more [server.tmg.gr] httpd-xmlrpc-post: sites=aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-11 17:12:14 (4 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 07:56:27 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 58.65.130.58 (mbl-65-130-58.dsl.net.pk): 1 in t ... show more (mod_security) mod_security (id:225170) triggered by 58.65.130.58 (mbl-65-130-58.dsl.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 03:56:19.243179 2026] [security2:error] [pid 1149:tid 1149] [client 58.65.130.58:56426] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|michaelthompson.biz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "michaelthompson.biz"] [uri "/wp-json/wp/v2/users"] [unique_id "ah_eIxGF0AcbxJbzsIrVWAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-05-23 08:49:22 (3 weeks ago)	58.65.130.58 - - [23/May/2026:10:49:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4908 "-" "Jetpack by W ... show more 58.65.130.58 - - [23/May/2026:10:49:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4908 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" 58.65.130.58 - - [23/May/2026:10:49:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4908 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)" 58.65.130.58 - - [23/May/2026:10:49:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4908 "-" "WordPress.com; https://wordpress.com" show less	Hacking Web App Attack
🇸🇪 konseptit	2026-05-06 10:03:29 (1 month ago)	(wordpress) Failed wordpress login from 58.65.130.58 (PK/Pakistan/mbl-65-130-58.dsl.net.pk)	Brute-Force
Anonymous	2026-04-28 05:38:40 (1 month ago)	(wordpress) Failed wordpress login from 58.65.130.58 (PK/Pakistan/mbl-65-130-58.dsl.net.pk): (CF_EN ... show more (wordpress) Failed wordpress login from 58.65.130.58 (PK/Pakistan/mbl-65-130-58.dsl.net.pk): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-27 08:41:10 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 58.65.130.58 (mbl-65-130-58.dsl.net.pk): 1 in t ... show more (mod_security) mod_security (id:240335) triggered by 58.65.130.58 (mbl-65-130-58.dsl.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 04:41:03.341748 2026] [security2:error] [pid 32436:tid 32436] [client 58.65.130.58:26403] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 58.65.130.58 (+1 hits since last alert)\|ewingmissouri.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ewingmissouri.com"] [uri "/xmlrpc.php"] [unique_id "ae8hH9YLRde8TnyDkzz_3QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-24 07:09:00 (1 month ago)	(wordpress) Failed wordpress login from 58.65.130.58 (PK/Pakistan/mbl-65-130-58.dsl.net.pk)	Brute-Force
🇺🇸 TPI-Abuse	2026-04-16 13:12:58 (1 month ago)	(mod_security) mod_security (id:240335) triggered by 58.65.130.58 (mbl-65-130-58.dsl.net.pk): 1 in t ... show more (mod_security) mod_security (id:240335) triggered by 58.65.130.58 (mbl-65-130-58.dsl.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 09:12:53.388608 2026] [security2:error] [pid 650466:tid 650466] [client 58.65.130.58:54896] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 58.65.130.58 (+1 hits since last alert)\|fundingworkingcapital.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundingworkingcapital.com"] [uri "/xmlrpc.php"] [unique_id "aeDgVfhs1Y2Y0-nOwJHv3wAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-04-14 18:12:54 (2 months ago)	(wordpress) Failed wordpress login from 58.65.130.58 (PK/Pakistan/mbl-65-130-58.dsl.net.pk)	Brute-Force
🇺🇸 stechusa	2026-04-08 09:17:33 (2 months ago)	ELEVATED_THREAT \| 106 IPs targeting /brand/satco-products-inc.html \| URL template shared by 7 IPs: / ... show more ELEVATED_THREAT \| 106 IPs targeting /brand/satco-products-inc.html \| URL template shared by 7 IPs: /brand/satco-products-inc.html?bulb_base_type=&bulb_shape=&bulb_type=*&mode=li \| Facet request during elevated threat (facet_ratio=0.96, unique_ips=518) show less	Bad Web Bot DDoS Attack
🇷🇴 clauss	2026-04-06 19:55:46 (2 months ago)	IP reached maximum auth failures for a one day block	Brute-Force
🇺🇸 kosada.com	2026-03-20 13:21:28 (2 months ago)	Web bot: DDoS	DDoS Attack Bad Web Bot

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 161.169.182.34

🇮🇳 103.188.18.17

🇷🇺 95.215.0.145

🇺🇸 66.132.195.23

🇨🇦 35.203.103.253

🇺🇸 34.125.41.176

🇧🇪 198.235.24.139

🇷🇺 80.69.186.68

🇳🇱 45.148.10.151

🇭🇰 223.197.248.209

🇨🇳 223.109.255.165

🇫🇷 217.71.127.125

🇧🇷 181.218.9.86

🇧🇷 177.152.143.101

🇺🇸 173.244.60.241

🇺🇸 170.106.11.6

🇹🇭 165.154.51.193

🇭🇰 156.245.246.50

🇧🇷 45.165.14.197

🇳🇱 45.148.10.157