JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.34.160.35

39.34.160.35 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 18%: ?

18%

ISP	Pakistan Telecommuication company limited
Usage Type	Fixed Line ISP
ASN	AS141450
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.34.160.35

Whois 39.34.160.35

IP Abuse Reports for 39.34.160.35:

This IP address has been reported a total of 7 times from 3 distinct sources. 39.34.160.35 was first reported on June 4th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-05 18:14:55 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 14:14:52.224696 2026] [security2:error] [pid 1864:tid 1864] [client 39.34.160.35:54448] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.34.160.35 (+1 hits since last alert)\|glassclublake.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "glassclublake.com"] [uri "/xmlrpc.php"] [unique_id "aiMSHCwAJJqf1wQzLVWFGgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 17:15:22 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 13:15:19.141045 2026] [security2:error] [pid 2118:tid 2118] [client 39.34.160.35:54825] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.34.160.35 (+1 hits since last alert)\|tgaguide.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tgaguide.com"] [uri "/xmlrpc.php"] [unique_id "aiMEJyj6XdtIBriWkFpjDwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 16:13:32 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 12:13:27.849513 2026] [security2:error] [pid 19178:tid 19178] [client 39.34.160.35:54364] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.34.160.35 (+1 hits since last alert)\|seahattravel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seahattravel.com"] [uri "/xmlrpc.php"] [unique_id "aiL1px1ah-zlXbshV9h2jAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 19:45:47 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 15:45:40.114351 2026] [security2:error] [pid 13826:tid 13826] [client 39.34.160.35:54825] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.34.160.35 (+1 hits since last alert)\|d-sinema.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d-sinema.com"] [uri "/xmlrpc.php"] [unique_id "aiHV5ART0YGk86UhfpbvBwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 16:59:25 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.34.160.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 12:59:21.185723 2026] [security2:error] [pid 9603:tid 9603] [client 39.34.160.35:54251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.34.160.35 (+1 hits since last alert)\|constructionloansfunding.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "constructionloansfunding.com"] [uri "/xmlrpc.php"] [unique_id "aiGu6TbfMe1s1QydVpn0TwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-04 15:24:48 (2 weeks ago)	[redacted] 39.34.160.35 - - [04/Jun/2026:17:24:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ... show more [redacted] 39.34.160.35 - - [04/Jun/2026:17:24:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 39.34.160.35 - - [04/Jun/2026:17:24:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 39.34.160.35 - - [04/Jun/2026:17:24:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site56737675.com" [redacted] 39.34.160.35 - - [04/Jun/2026:17:24:36 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.1; http://site37235394.com" [redacted] 39.34.160.35 - - [04/Jun/2026:17:24:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.1; http://site98052067.com" ... show less	Hacking Web App Attack
Anonymous	2026-06-04 14:53:57 (2 weeks ago)	39.34.160.35 - - [04/Jun/2026:16:53:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by Wo ... show more 39.34.160.35 - - [04/Jun/2026:16:53:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" 39.34.160.35 - - [04/Jun/2026:16:53:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 39.34.160.35 - - [04/Jun/2026:16:53:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" 39.34.160.35 - - [04/Jun/2026:16:53:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 39.34.160.35 - - [04/Jun/2026:16:53:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.5; WordPress/6.4; http://site61845704.com" ... show less	Brute-Force Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 183.209.156.35

🇺🇸 134.122.21.135

🇸🇬 47.84.107.210

🇺🇸 150.107.38.181

🇨🇳 101.71.38.1

🇳🇱 86.54.31.32

🇳🇿 45.133.7.90

🇬🇧 35.203.210.143

🇺🇸 3.131.220.121

🇮🇳 2409:40e2:11e7:5e25:b9c2:f5f1:2d99:78bc

🇮🇳 103.190.7.203

🇨🇭 84.16.75.243

🇱🇹 81.30.98.158

🇺🇸 68.69.177.102

🇹🇼 34.81.72.185

🇳🇱 5.255.120.22

🇺🇸 2607:f8b0:4004:1007::126

🇷🇺 185.9.186.238

🇺🇸 172.172.214.224

🇻🇳 171.231.188.54