JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.34.133.52

39.34.133.52 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 41%: ?

41%

ISP	Pakistan Telecommuication company limited
Usage Type	Fixed Line ISP
ASN	AS132165
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.34.133.52

Whois 39.34.133.52

IP Abuse Reports for 39.34.133.52:

This IP address has been reported a total of 10 times from 7 distinct sources. 39.34.133.52 was first reported on August 20th 2021, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 rh24	2026-06-21 16:17:18 (2 hours ago)	(xmlrpc_405) XMLRPC-Bot 405 39.34.133.52 (PK/Pakistan/-)	Hacking
🇺🇸 TPI-Abuse	2026-06-21 14:23:44 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.34.133.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.34.133.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 10:23:40.702158 2026] [security2:error] [pid 5121:tid 5249] [client 39.34.133.52:52685] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.34.133.52 (+1 hits since last alert)\|duplexgoldmine.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "duplexgoldmine.com"] [uri "/xmlrpc.php"] [unique_id "ajfz7ISZLMaJZCHWRS3QaAAAAMg"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 noise.agency	2026-06-21 14:21:40 (4 hours ago)	(wordpress) Failed wordpress login from 39.34.133.52 (PK/Pakistan/-)	Brute-Force
Anonymous	2026-06-21 08:21:59 (10 hours ago)	(wordpress) Failed wordpress login from 39.34.133.52 (PK/Pakistan/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-21 07:02:37 (11 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.34.133.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.34.133.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 03:02:31.439390 2026] [security2:error] [pid 22312:tid 22312] [client 39.34.133.52:52085] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.34.133.52 (+1 hits since last alert)\|drdot.xyz\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drdot.xyz"] [uri "/xmlrpc.php"] [unique_id "ajeMh3amcmy063jTe1omgwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-21 06:28:43 (12 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 17:40:30 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 39.34.133.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.34.133.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 13:40:23.890914 2026] [security2:error] [pid 1910:tid 1984] [client 39.34.133.52:52340] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.34.133.52 (+1 hits since last alert)\|darkestmoonart.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "darkestmoonart.com"] [uri "/xmlrpc.php"] [unique_id "ajV_B7VbCT64MpyRLOrFEgAAAIU"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-05-30 01:27:02 (3 weeks ago)	block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-10 14:52:11 (6 months ago)	"Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized ac ... show more "Participant in large-scale DDoS Attack in which data injection was attmpted to gain unauthorized access" show less	DDoS Attack SQL Injection Exploited Host
🇬🇧 Bytemark	2021-08-20 05:13:01 (4 years ago)	Aug 20 10:13:00 dlcentre3 postfix/smtpd[4087]: NOQUEUE: reject: RCPT from unknown[39.34.133.52]: 554 ... show more Aug 20 10:13:00 dlcentre3 postfix/smtpd[4087]: NOQUEUE: reject: RCPT from unknown[39.34.133.52]: 554 5.7.1 Service unavailable; Client host [39.34.133.52] blocked using cbl.abuseat.org; https://www.spamhaus.org/query/ip/39.34.133.52; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[39.34.133.52]> show less	Email Spam Spoofing Brute-Force Exploited Host

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.91.89.203

🇳🇱 192.42.116.13

🇫🇮 178.20.210.208

🇺🇸 172.202.118.18

🇩🇪 172.69.150.69

🇨🇳 118.248.48.88

🇺🇸 40.124.120.41

🇺🇸 34.201.239.10

🇺🇸 34.138.83.20

🇧🇴 190.129.164.218

🇳🇱 185.224.128.16

🇺🇸 165.154.173.104

🇹🇭 152.32.245.27

🇨🇳 106.75.144.82

🇲🇦 105.155.193.105

🇩🇪 84.55.0.213

🇲🇾 47.250.189.20

🇺🇸 20.163.33.218

🇳🇱 176.65.139.43

🇺🇸 157.230.235.34