JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 58.69.123.4

58.69.123.4 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 82%: ?

82%

ISP	IPG
Usage Type	Fixed Line ISP
ASN	AS9299
Hostname(s)	58.69.123.4.pldt.net
Domain Name	pldthome.com
Country	🇵🇭 Philippines
City	Quezon City, National Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 58.69.123.4

Whois 58.69.123.4

IP Abuse Reports for 58.69.123.4:

This IP address has been reported a total of 48 times from 20 distinct sources. 58.69.123.4 was first reported on April 11th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-21 12:52:37 (1 hour ago)	(mod_security) mod_security (id:240335) triggered by 58.69.123.4 (58.69.123.4.pldt.net): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 58.69.123.4 (58.69.123.4.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 08:52:32.607118 2026] [security2:error] [pid 4745:tid 4745] [client 58.69.123.4:6675] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 58.69.123.4 (+1 hits since last alert)\|climasyequipos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "climasyequipos.com"] [uri "/xmlrpc.php"] [unique_id "ajfekLgkhh46sfaHTmRBdQAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-21 12:31:08 (1 hour ago)	Blocked by CSF 13 firewall - Rule: XMLRPC PH/Philippines/58.69.123.4.pldt.net	Web App Attack
Anonymous	2026-06-20 20:30:38 (17 hours ago)	[redacted] 58.69.123.4 - - [20/Jun/2026:22:29:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jet ... show more [redacted] 58.69.123.4 - - [20/Jun/2026:22:29:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.3; http://site70612922.com" [redacted] 58.69.123.4 - - [20/Jun/2026:22:29:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 58.69.123.4 - - [20/Jun/2026:22:30:05 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.1; http://site72274424.com" [redacted] 58.69.123.4 - - [20/Jun/2026:22:30:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.4; http://site81869041.com" [redacted] 58.69.123.4 - - [20/Jun/2026:22:30:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇩🇪 rh24	2026-06-19 21:04:42 (1 day ago)	(xmlrpc_405) XMLRPC-Bot 405 58.69.123.4 (PH/Philippines/58.69.123.4.pldt.net)	Hacking
🇺🇸 TPI-Abuse	2026-06-19 15:27:13 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 58.69.123.4 (58.69.123.4.pldt.net): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 58.69.123.4 (58.69.123.4.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 11:27:04.905227 2026] [security2:error] [pid 24730:tid 24738] [client 58.69.123.4:58938] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 58.69.123.4 (+1 hits since last alert)\|howlerrock.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "howlerrock.com"] [uri "/xmlrpc.php"] [unique_id "ajVfyLMC-YS7TDU7BPUQoAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-18 00:47:33 (3 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇫🇷 masterguru	2026-06-17 12:22:58 (4 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇫🇷 dynamix	2026-06-16 17:10:46 (4 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-15 14:07:37 (5 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 15:23:00 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 58.69.123.4 (58.69.123.4.pldt.net): 1 in the la ... show more (mod_security) mod_security (id:240335) triggered by 58.69.123.4 (58.69.123.4.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 11:22:53.072818 2026] [security2:error] [pid 11184:tid 11184] [client 58.69.123.4:16573] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 58.69.123.4 (+1 hits since last alert)\|grabagame.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "grabagame.com"] [uri "/xmlrpc.php"] [unique_id "aiwkTaYp_jZXVzmoDFEiJgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-12 10:48:10 (1 week ago)	(wordpress) Failed wordpress login from 58.69.123.4 (PH/Philippines/Metro Manila/Manila/58.69.123.4. ... show more (wordpress) Failed wordpress login from 58.69.123.4 (PH/Philippines/Metro Manila/Manila/58.69.123.4.pldt.net) show less	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-11 13:56:04 (1 week ago)	Blocked by CSF 13 firewall - Rule: XMLRPC PH/Philippines/58.69.123.4.pldt.net	Web App Attack
🇩🇪 konseptit	2026-06-11 09:05:33 (1 week ago)	(wordpress) Failed wordpress login from 58.69.123.4 (PH/Philippines/58.69.123.4.pldt.net)	Brute-Force
🇧🇷 dominioz	2026-06-09 11:25:32 (1 week ago)	2026-06-09 11:24:13 POST /xmlrpc.php - - 58.69.123.4 HTTP/1.1 Jetpack+by+WordPress.com - 200 650 202 ... show more 2026-06-09 11:24:13 POST /xmlrpc.php - - 58.69.123.4 HTTP/1.1 Jetpack+by+WordPress.com - 200 650 2026-06-09 11:24:24 POST /xmlrpc.php - - 58.69.123.4 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650 2026-06-09 11:24:56 POST /xmlrpc.php - - 58.69.123.4 HTTP/1.1 Jetpack+by+WordPress.com+(Jetpack+12.5;+WordPress+6.4) - 200 650 ... show less	Web App Attack
🇧🇷 dominioz	2026-06-09 00:05:19 (1 week ago)	2026-06-09 00:01:55 POST /xmlrpc.php - - 58.69.123.4 HTTP/1.1 WordPress.com;+https://wordpress.com - ... show more 2026-06-09 00:01:55 POST /xmlrpc.php - - 58.69.123.4 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650 2026-06-09 00:02:53 POST /xmlrpc.php - - 58.69.123.4 HTTP/1.1 Jetpack+by+WordPress.com - 200 0 2026-06-09 00:02:59 POST /xmlrpc.php - - 58.69.123.4 HTTP/1.1 Jetpack/12.0;+WordPress/6.2;+http://site95168231.com - 200 650 2026-06-09 00:04:38 POST /xmlrpc.php - - 58.69.123.4 HTTP/1.1 Jetpack/12.0;+WordPress/6.4;+http://site83962367.com - 200 650 ... show less	Web App Attack

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 2620:171:b5:f003:9999::178

🇰🇷 218.156.93.206

🇨🇱 216.155.93.75

🇻🇪 201.249.205.94

🇦🇷 190.229.67.85

🇷🇺 176.57.76.206

🇧🇩 103.183.62.1

🇸🇰 95.105.192.186

🇳🇱 91.92.40.11

🇩🇪 43.157.98.118

🇪🇬 41.128.181.199

🇳🇱 213.152.161.54

🇰🇪 197.231.178.56

🇩🇪 194.88.98.121

🇧🇷 191.5.31.61

🇧🇷 187.62.87.27

🇧🇷 187.8.120.90

🇭🇰 156.251.179.157

🇯🇵 118.193.61.170

🇮🇱 2.54.99.50