JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.185.148.93

182.185.148.93 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 44%: ?

44%

ISP	USF DSLAM South
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.185.148.93

Whois 182.185.148.93

IP Abuse Reports for 182.185.148.93:

This IP address has been reported a total of 9 times from 6 distinct sources. 182.185.148.93 was first reported on June 20th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 NotCool	2026-06-20 12:06:53 (1 hour ago)	(XMLRPC) WP XMLPRC Attack 182.185.148.93 (PK/Pakistan/-): 50 in the last 3600 secs	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 12:00:32 (1 hour ago)	(mod_security) mod_security (id:240335) triggered by 182.185.148.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.148.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 08:00:24.222906 2026] [security2:error] [pid 22825:tid 22825] [client 182.185.148.93:53252] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.148.93 (+1 hits since last alert)\|lambert-heating-and-air.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lambert-heating-and-air.com"] [uri "/xmlrpc.php"] [unique_id "ajaA2H8ZYm08nLe_gHdkwAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-20 11:27:30 (2 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-20 09:56:59 (3 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.185.148.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.148.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 05:56:51.601860 2026] [security2:error] [pid 18342:tid 18342] [client 182.185.148.93:52147] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.148.93 (+1 hits since last alert)\|thehealthyplaceclayton.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thehealthyplaceclayton.com"] [uri "/xmlrpc.php"] [unique_id "ajZj4_tF4T7VTCpBHInlSAAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 08:56:28 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.185.148.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.148.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:56:21.253518 2026] [security2:error] [pid 26158:tid 26158] [client 182.185.148.93:50194] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.148.93 (+1 hits since last alert)\|celltechs.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "celltechs.net"] [uri "/xmlrpc.php"] [unique_id "ajZVtQVRYk5tgwQFL15q2wAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-20 08:53:28 (4 hours ago)	(wordpress) Failed wordpress login from 182.185.148.93 (PK/Pakistan/Punjab/Lahore/-)	Brute-Force
🇫🇷 Kenshin869	2026-06-20 08:14:33 (5 hours ago)	Wordpress unauthorized access attempt	Brute-Force
🇲🇾 Rizzy	2026-06-20 07:21:31 (6 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 06:52:38 (6 hours ago)	(mod_security) mod_security (id:240335) triggered by 182.185.148.93 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.185.148.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 02:52:34.790422 2026] [security2:error] [pid 17449:tid 17449] [client 182.185.148.93:59112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.185.148.93 (+1 hits since last alert)\|luxandunion.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "luxandunion.com"] [uri "/xmlrpc.php"] [unique_id "ajY4slXMGDG0_aN8Fz5B3QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 201.234.106.215

🇳🇱 185.242.226.72

🇫🇮 147.185.133.70

🇺🇸 74.94.234.151

🇺🇸 52.165.81.253

🇰🇷 222.99.52.202

🇨🇳 220.202.112.82

🇨🇳 182.88.239.155

🇪🇬 156.176.131.37

🇮🇹 151.44.163.114

🇨🇦 149.22.95.64

🇨🇳 140.240.85.202

🇨🇳 139.227.161.97

🇨🇳 122.96.28.194

🇻🇳 113.187.209.91

🇹🇼 110.25.114.8

🇧🇬 95.181.236.158

🇺🇸 35.224.89.209

🇨🇳 27.19.119.100

🇷🇺 5.183.29.237