JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 60.50.85.172

60.50.85.172 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 100%: ?

100%

ISP	TMNST
Usage Type	Fixed Line ISP
ASN	AS4788
Hostname(s)	172.85.50.60.klj05-home.tm.net.my
Domain Name	tm.com.my
Country	🇲🇾 Malaysia
City	Cyberjaya, Selangor

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 60.50.85.172

Whois 60.50.85.172

IP Abuse Reports for 60.50.85.172:

This IP address has been reported a total of 37 times from 20 distinct sources. 60.50.85.172 was first reported on June 19th 2026, and the most recent report was 13 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 soc-yk	2026-06-24 00:42:13 (13 minutes ago)	Type: suspicious_network_activity Risk: 95 Events: 292 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 95 Events: 292 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇧🇪 cmbplf	2026-06-23 21:10:19 (3 hours ago)	2.819 requests from abuseipdb.com blacklisted IP (1yr7mos1w)	Brute-Force Bad Web Bot
🇺🇸 oralunal	2026-06-23 19:27:05 (5 hours ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-23 18:24:30 (6 hours ago)	Wordpress Vunerability attack	Web App Attack
🇫🇷 dynamix	2026-06-23 16:30:13 (8 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇫🇷 applemooz	2026-06-23 11:44:15 (13 hours ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-23 07:15:04 (17 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-23 03:53:54 (21 hours ago)	Blocked by CSF 13 firewall - Rule: XMLRPC MY/Malaysia/172.85.50.60.klj05-home.tm.net.my	Web App Attack
🇩🇪 Teufel100	2026-06-23 01:20:04 (23 hours ago)	Brutforceangriff auf /xmlrpc.php	Brute-Force Hacking Web App Attack
Anonymous	2026-06-23 00:39:55 (1 day ago)	(wordpress) Failed wordpress login from 60.50.85.172 (MY/Malaysia/Selangor/Cyberjaya/172.85.50.60.kl ... show more (wordpress) Failed wordpress login from 60.50.85.172 (MY/Malaysia/Selangor/Cyberjaya/172.85.50.60.klj05-home.tm.net.my/[redacted]) show less	Brute-Force
🇺🇸 Jason Howell	2026-06-22 23:45:15 (1 day ago)	60.50.85.172 - - [22/Jun/2026:18:36:43 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4738 "-" "Jetpack/12.1 ... show more 60.50.85.172 - - [22/Jun/2026:18:36:43 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4738 "-" "Jetpack/12.1; WordPress/6.2; http://site19512723.com" 60.50.85.172 - - [22/Jun/2026:18:38:51 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4739 "-" "Jetpack/12.1; WordPress/6.1; http://site43243369.com" 60.50.85.172 - - [22/Jun/2026:18:40:59 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4740 "-" "Jetpack by WordPress.com" 60.50.85.172 - - [22/Jun/2026:18:43:06 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4738 "-" "WordPress.com; https://wordpress.com" 60.50.85.172 - - [22/Jun/2026:18:45:14 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4739 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 22:38:51 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 60.50.85.172 (172.85.50.60.klj05-home.tm.net.my ... show more (mod_security) mod_security (id:240335) triggered by 60.50.85.172 (172.85.50.60.klj05-home.tm.net.my): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 18:38:46.297422 2026] [security2:error] [pid 966:tid 966] [client 60.50.85.172:54528] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 60.50.85.172 (+1 hits since last alert)\|writebetweenthelines.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "writebetweenthelines.com"] [uri "/xmlrpc.php"] [unique_id "ajm5dtrYOOPkKwOm3XEnjAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-22 22:08:23 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 60.50.85.172 (172.85.50.60.klj05-home.tm.net.my ... show more (mod_security) mod_security (id:240335) triggered by 60.50.85.172 (172.85.50.60.klj05-home.tm.net.my): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 18:08:18.399717 2026] [security2:error] [pid 3846:tid 3855] [client 60.50.85.172:57778] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 60.50.85.172 (+1 hits since last alert)\|campingcosmetics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "campingcosmetics.com"] [uri "/xmlrpc.php"] [unique_id "ajmyUhXJav23rLxNQf-UdQAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-22 15:36:29 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-22 11:09:55 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 60.50.85.172 (172.85.50.60.klj05-home.tm.net.my ... show more (mod_security) mod_security (id:240335) triggered by 60.50.85.172 (172.85.50.60.klj05-home.tm.net.my): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 07:09:48.023902 2026] [security2:error] [pid 14012:tid 14012] [client 60.50.85.172:65155] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 60.50.85.172 (+1 hits since last alert)\|enriquejezik.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "enriquejezik.com"] [uri "/xmlrpc.php"] [unique_id "ajkX_LNFKECSBd1bzzkmuAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 172.161.73.175

🇦🇹 152.53.3.237

🇺🇸 142.248.80.137

🇫🇷 91.196.152.218

🇳🇱 91.92.242.225

🇺🇸 64.62.197.122

🇺🇸 185.61.219.240

🇺🇦 176.109.10.49

🇺🇸 147.185.132.31

🇺🇸 146.88.240.100

🇬🇧 81.19.219.223

🇬🇧 81.19.219.218

🇺🇸 44.134.59.217

🇺🇸 44.78.29.161

🇦🇺 40.82.214.8

🇬🇧 31.14.254.58

🇬🇧 31.14.254.20

🇺🇸 2602:80d:1008::9c

🇧🇪 198.235.24.175

🇬🇹 190.151.130.5