JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 182.189.96.204

182.189.96.204 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 4%: ?

ISP	Soft-X
Usage Type	Fixed Line ISP
ASN	AS132165
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 182.189.96.204

Whois 182.189.96.204

IP Abuse Reports for 182.189.96.204:

This IP address has been reported a total of 7 times from 3 distinct sources. 182.189.96.204 was first reported on July 28th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-13 14:21:22 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 182.189.96.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.189.96.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 10:21:17.131053 2026] [security2:error] [pid 16340:tid 16340] [client 182.189.96.204:47598] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.189.96.204 (+1 hits since last alert)\|pixelspective.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pixelspective.com"] [uri "/xmlrpc.php"] [unique_id "ai1nXQa98YNsvhaZOVhIpQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 13:28:17 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 182.189.96.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.189.96.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 09:28:10.112609 2026] [security2:error] [pid 2221:tid 2221] [client 182.189.96.204:46601] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.189.96.204 (+1 hits since last alert)\|pearlhomesfw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pearlhomesfw.com"] [uri "/xmlrpc.php"] [unique_id "ai1a6i7lyPGrzdK9WawbpgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 12:26:43 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 182.189.96.204 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:240335) triggered by 182.189.96.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 08:26:38.563055 2026] [security2:error] [pid 29360:tid 29360] [client 182.189.96.204:47011] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 182.189.96.204 (+1 hits since last alert)\|indiahouseportland.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "indiahouseportland.com"] [uri "/xmlrpc.php"] [unique_id "ai1Mfg3MmtEs-LHptx0SpQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 exxos	2025-08-01 03:23:28 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇳🇱 exxos	2025-07-31 02:34:49 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇳🇱 exxos	2025-07-30 02:09:48 (10 months ago)	HTTP1.x attacks	DDoS Attack
🇪🇸 Global Cyber Police	2025-07-28 08:05:09 (10 months ago)	Malicious bot activity detected: Hitting honeypot page. Part of massive botnet.	DDoS Attack Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.42

🇳🇱 64.89.162.131

🇲🇾 47.250.115.147

🇷🇴 2.57.122.238

🇮🇷 151.234.127.10

🇸🇬 47.128.32.13

🇧🇷 45.164.251.67

🇲🇽 187.191.48.6

🇺🇸 173.194.103.168

🇺🇸 162.216.150.216

🇺🇸 157.245.1.7

🇮🇳 125.19.159.186

🇳🇱 91.92.40.13

🇳🇱 91.92.40.10

🇷🇺 213.27.41.135

🇺🇸 165.22.134.78

🇺🇸 162.216.150.114

🇵🇭 103.249.199.1

🇨🇦 85.217.149.7

🇮🇸 82.221.141.229