JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 202.165.232.238

202.165.232.238 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 29%: ?

29%

ISP	Optix Pakistan (Pvt.) Limited
Usage Type	Fixed Line ISP
ASN	AS136384
Domain Name	optix.pk
Country	🇵🇰 Pakistan
City	Lahore, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 202.165.232.238

Whois 202.165.232.238

IP Abuse Reports for 202.165.232.238:

This IP address has been reported a total of 35 times from 25 distinct sources. 202.165.232.238 was first reported on September 29th 2021, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 leithzz	2026-06-01 11:44:55 (5 days ago)	Report by Cloudflare.Time: 2026-06-01T11:43:58Z	DDoS Attack
🇷🇴 Fn4ticHz	2026-05-29 02:44:30 (1 week ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇫🇷 MatStef132	2026-05-22 14:04:41 (2 weeks ago)	MatShield L7: blocked on mathost.eu (ua-quarantined)	Bad Web Bot
🇷🇴 Fn4ticHz	2026-05-09 14:01:24 (4 weeks ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
🇺🇸 TPI-Abuse	2026-05-05 21:07:19 (1 month ago)	(mod_security) mod_security (id:217210) triggered by 202.165.232.238 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:217210) triggered by 202.165.232.238 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 05 17:07:12.573829 2026] [security2:error] [pid 28403:tid 28403] [client 202.165.232.238:37306] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|blog44challenge.shop\|F\|4"] [data "GET http://blog44challenge.shop HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "blog44challenge.shop"] [uri "/"] [unique_id "afpcAElOJWLD6GRZPKCAZQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-05-04 02:39:22 (1 month ago)	Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (X11; Linu ... show more Cloudflare WAF: Request Path: / Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36 Action: block Source: l7ddos ASN Description: Optix Pakistan (Pvt.) Limited Country: PK Method: GET Timestamp: 2026-05-04T02:39:22Z ruleId: 9bc0d8e988e545dea9bd4843c4bef55c. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇹 VHosting	2026-04-26 08:29:52 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇮🇹 VHosting	2026-04-10 05:17:16 (1 month ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇩🇪 NoaQT	2026-04-05 22:02:36 (2 months ago)	202.165.232.238 - - [05/Apr/2026:16:32:11 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.yahoo. ... show more 202.165.232.238 - - [05/Apr/2026:16:32:11 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.yahoo.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 202.165.232.238 - - [05/Apr/2026:16:34:14 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.instagram.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 202.165.232.238 - - [05/Apr/2026:16:35:44 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.yahoo.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 202.165.232.238 - - [05/Apr/2026:16:34:14 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.instagram.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" ... show less	DDoS Attack
🇩🇪 NoaQT	2026-04-05 14:44:01 (2 months ago)	202.165.232.238 - - [05/Apr/2026:16:32:11 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.yahoo. ... show more 202.165.232.238 - - [05/Apr/2026:16:32:11 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.yahoo.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 202.165.232.238 - - [05/Apr/2026:16:34:14 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.instagram.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 202.165.232.238 - - [05/Apr/2026:16:34:14 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.instagram.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 202.165.232.238 - - [05/Apr/2026:16:35:44 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.yahoo.com/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36" 202.165.232.238 - - [05/Apr/2026:16:35:44 +0200] "GET /web/login HTTP/1.1" 499 0 "https://www.yahoo.com/" "Mozilla/5.0 (X11; Linux x ... show less	DDoS Attack
🇦🇺 MAGIC	2026-03-07 00:45:35 (2 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 matt	2026-03-04 03:28:41 (3 months ago)	DDOS attack with query parameters attempting to overload WordPress site.	DDoS Attack
🇪🇸 el-brujo	2026-02-28 07:32:00 (3 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: ?rsd=1%27+WHERE+5226%3D5226AND%2F%2A%2A%2F8 ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: ?rsd=1%27+WHERE+5226%3D5226AND%2F%2A%2A%2F8037%3DORDSYS.ORD_DICOM.GETMAPPINGXPATH%281333%2CCHR%28126%29%7C%7C%27~%27%7C%7C%28SELECT%2F%2A%2A%2F%28CASE%2F%2A%2A%2FWHEN%2F%2A%2A%2F%288037%3D8037%29%2F%2A%2A%2FTHEN%2F%2A%2A%2F1%2F%2A%2A%2FELSE%2F%2A%2A%2F0%2F%2A%2A%2FEND%29%2F%2A%2A%2FFROM%2F%2A%2A%2FDUAL%29%7C%7C%27~%27%7C%7CCHR%28126%29%2CCHR%28126%29%29--+- Host: hwagm.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Action: managed_challenge Source: firewallManaged ASN Description: OPTIX-AS-AP Optix Pakistan Pvt. Limited Country: PK Method: GET Timestamp: 2026-02-28T07:32:00Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇧🇷 hostseries	2026-02-25 09:31:25 (3 months ago)	Trigger: LF_DISTATTACK	Brute-Force
🇮🇳 liveaspankaj	2026-02-14 05:02:29 (3 months ago)	DDoS attack: 151 requests in 5m (GET / or repair.php).	DDoS Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.199

🇷🇴 92.118.39.236

🇬🇷 85.74.111.77

🇺🇸 43.162.99.8

🇺🇸 20.12.41.6

🇧🇷 177.73.162.227

🇨🇳 120.48.135.189

🇺🇸 102.129.234.105

🇿🇦 102.67.141.165

🇫🇷 89.116.147.115

🇺🇸 66.132.195.81

🇵🇱 57.128.225.99

🇩🇪 47.91.76.73

🇳🇱 45.154.98.96

🇳🇱 45.148.10.147

🇮🇩 43.165.198.144

🇺🇸 162.216.148.0

🇱🇹 141.98.11.83

🇸🇬 118.139.164.171

🇷🇺 95.25.247.52