JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.35.200.242

39.35.200.242 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 37%: ?

37%

ISP	Pakistan Telecommuication company limited
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.35.200.242

Whois 39.35.200.242

IP Abuse Reports for 39.35.200.242:

This IP address has been reported a total of 11 times from 7 distinct sources. 39.35.200.242 was first reported on June 9th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-10 22:31:38 (1 week ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-09 22:30:03 (2 weeks ago)		Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-09 21:05:23 (2 weeks ago)	10.444 post requests in 1 hour (6d9h24m)	Brute-Force Bad Web Bot
🇲🇾 Rizzy	2026-06-09 20:44:32 (2 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 20:40:45 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.35.200.242 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.35.200.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 16:40:40.605687 2026] [security2:error] [pid 8639:tid 8639] [client 39.35.200.242:60285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.35.200.242 (+1 hits since last alert)\|grexicon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "grexicon.com"] [uri "/xmlrpc.php"] [unique_id "aih6SJnHPV3Gd9BNw6OlKAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 19:33:59 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.35.200.242 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.35.200.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:33:51.878548 2026] [security2:error] [pid 13744:tid 13744] [client 39.35.200.242:16949] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.35.200.242 (+1 hits since last alert)\|enjoymycondos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "enjoymycondos.com"] [uri "/xmlrpc.php"] [unique_id "aihqn9VkwXPK57a4MoqQswAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 19:10:32 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.35.200.242 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.35.200.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:10:25.113424 2026] [security2:error] [pid 12025:tid 12025] [client 39.35.200.242:64430] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.35.200.242 (+1 hits since last alert)\|ohiohca.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ohiohca.com"] [uri "/xmlrpc.php"] [unique_id "aihlIWCgGNKvqAfNv430YgAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 19:08:40 (2 weeks ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 17:29:31 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.35.200.242 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.35.200.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 13:29:25.468765 2026] [security2:error] [pid 21504:tid 21504] [client 39.35.200.242:55029] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.35.200.242 (+1 hits since last alert)\|integrabroadcast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "integrabroadcast.com"] [uri "/xmlrpc.php"] [unique_id "aihNdeWDg-8Ajk_XArB51QAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 17:15:26 (2 weeks ago)		Bad Web Bot Web App Attack
Anonymous	2026-06-09 17:05:55 (2 weeks ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (72/60 min)'; Requests=72	Port Scan

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 188.240.59.30

🇧🇬 78.90.19.40

🇳🇱 45.148.10.152

🇩🇪 194.88.98.105

🇧🇷 187.120.107.172

🇺🇸 174.67.236.169

🇺🇸 135.237.126.72

🇫🇷 85.217.140.33

🇨🇭 83.77.12.13

🇳🇱 64.188.77.26

🇺🇸 40.119.24.130

🇧🇪 34.52.228.59

🇳🇱 173.194.169.89

🇺🇸 172.202.118.47

🇬🇧 165.232.40.8

🇪🇸 158.158.47.67

🇧🇷 152.32.200.213

🇺🇸 104.168.112.221

🇮🇷 89.37.155.232

🇺🇸 66.249.65.40