JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.185.134.27

182.185.134.27 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 65%: ?

65%

ISP	USF DSLAM South
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.185.134.27

Whois 182.185.134.27

IP Abuse Reports for 182.185.134.27:

This IP address has been reported a total of 19 times from 10 distinct sources. 182.185.134.27 was first reported on June 8th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 WeekendWeb	2026-06-11 12:07:32 (16 hours ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 11:08:44 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:08:40.225114 2026] [security2:error] [pid 31587:tid 31587] [client 182.185.134.27:52500] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.134.27 (+1 hits since last alert)\|studiopilates.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "studiopilates.net"] [uri "/xmlrpc.php"] [unique_id "aiqXOA_M1Y0NviL7gpgnNgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-06-11 08:09:29 (20 hours ago)	IM360 WAF: Rate limit exceeded for XMLRPC DoS	Web App Attack
Anonymous	2026-06-11 08:02:07 (20 hours ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 06:33:02 (22 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 02:32:57.802648 2026] [security2:error] [pid 3876:tid 3876] [client 182.185.134.27:54060] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.134.27 (+1 hits since last alert)\|thinkingepic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thinkingepic.com"] [uri "/xmlrpc.php"] [unique_id "aipWmToFH6GXQv76YRLvlwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 06:03:30 (22 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 02:03:23.345347 2026] [security2:error] [pid 1256:tid 1256] [client 182.185.134.27:55552] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.134.27 (+1 hits since last alert)\|fishleadership.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fishleadership.org"] [uri "/xmlrpc.php"] [unique_id "aipPqyhOy77FR7at5uR6XwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-10 10:56:37 (1 day ago)	(wordpress) Failed wordpress login from 182.185.134.27 (PK/Pakistan/Punjab/Lahore/-)	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-10 10:56:09 (1 day ago)	Blocked by CSF 13 firewall - Rule: XMLRPC PK/Pakistan/-	Web App Attack
Anonymous	2026-06-10 09:32:17 (1 day ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-10 08:32:00 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 04:31:56.003174 2026] [security2:error] [pid 5244:tid 5282] [client 182.185.134.27:56244] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.134.27 (+1 hits since last alert)\|executiveconsultingpr.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "executiveconsultingpr.com"] [uri "/xmlrpc.php"] [unique_id "aikg-6E_tK5Ohdemwn4PrQAAAJQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 06:21:32 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 02:21:28.579055 2026] [security2:error] [pid 5962:tid 5962] [client 182.185.134.27:57074] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.134.27 (+1 hits since last alert)\|verdeprofundo.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "verdeprofundo.net"] [uri "/xmlrpc.php"] [unique_id "aikCaH1Jdfl4W5YrsLHw9wAAACw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 08:47:37 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 04:47:30.722078 2026] [security2:error] [pid 993:tid 993] [client 182.185.134.27:54780] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.134.27 (+1 hits since last alert)\|serranoscoffee.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "serranoscoffee.com"] [uri "/xmlrpc.php"] [unique_id "aifTIgpyDfr08FXPa_vTzQAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 08:32:14 (2 days ago)	Attac	Brute-Force
🇫🇮 YF	2026-06-09 07:00:40 (2 days ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇺🇸 TPI-Abuse	2026-06-08 11:59:50 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.134.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 07:59:41.824869 2026] [security2:error] [pid 18824:tid 18824] [client 182.185.134.27:53340] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.134.27 (+1 hits since last alert)\|losbarbarosdelnorte.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "losbarbarosdelnorte.com"] [uri "/xmlrpc.php"] [unique_id "aiaurbr4PtLVRJFL0-L6vgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.191.19

🇺🇸 165.227.213.35

🇸🇬 101.47.142.22

🇸🇦 79.72.3.119

🇧🇷 205.210.31.201

🇬🇧 195.206.182.199

🇬🇧 185.216.145.162

🇨🇳 103.152.76.141

🇨🇳 101.96.225.252

🇫🇮 74.125.74.155

🇩🇪 69.5.169.129

🇺🇸 66.132.172.224

🇻🇪 38.183.114.55

🇺🇸 24.187.213.29

🇹🇼 220.130.194.169

🇫🇷 212.83.145.101

🇬🇧 193.163.125.227

🇵🇭 175.176.3.81

🇺🇸 162.216.150.52

🇸🇬 101.47.142.215