JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.35.208.138

39.35.208.138 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 31%: ?

31%

ISP	Pakistan Telecommuication company limited
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.35.208.138

Whois 39.35.208.138

IP Abuse Reports for 39.35.208.138:

This IP address has been reported a total of 8 times from 4 distinct sources. 39.35.208.138 was first reported on June 16th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 21:15:57 (3 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.35.208.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.35.208.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 17:15:52.624944 2026] [security2:error] [pid 26075:tid 26075] [client 39.35.208.138:63236] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.35.208.138 (+1 hits since last alert)\|schlegelcreative.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "schlegelcreative.com"] [uri "/xmlrpc.php"] [unique_id "ajMOiIsPCr0gwCBh-Ce8cQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-17 20:14:17 (4 hours ago)	(wordpress) Failed wordpress login from 39.35.208.138 (PK/Pakistan/-)	Brute-Force
🇺🇸 integrantservices.com	2026-06-17 19:26:29 (5 hours ago)	(PERMBLOCK) 39.35.208.138 (PK/Pakistan/-) has had more than 4 temp blocks	Hacking
🇩🇪 big-cloud.nl	2026-06-17 19:05:33 (5 hours ago)	Try to access /xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 18:07:06 (6 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.35.208.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.35.208.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 14:07:01.287781 2026] [security2:error] [pid 19851:tid 19865] [client 39.35.208.138:61941] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.35.208.138 (+1 hits since last alert)\|giere.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "giere.us"] [uri "/xmlrpc.php"] [unique_id "ajLiRd1Qk1PcsDdLO_mpqwAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-17 17:42:47 (6 hours ago)	(wordpress) Failed wordpress login from 39.35.208.138 (PK/Pakistan/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-16 23:58:06 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 39.35.208.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.35.208.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:58:01.749622 2026] [security2:error] [pid 13436:tid 13436] [client 39.35.208.138:54884] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.35.208.138 (+1 hits since last alert)\|scrunchiebuttbikinis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "scrunchiebuttbikinis.com"] [uri "/xmlrpc.php"] [unique_id "ajHjCTaP6l9FjPPsMgp7YAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-16 22:57:40 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 39.35.208.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.35.208.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 18:57:33.110774 2026] [security2:error] [pid 358:tid 358] [client 39.35.208.138:61749] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.35.208.138 (+1 hits since last alert)\|theyoungstrategist.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theyoungstrategist.com"] [uri "/xmlrpc.php"] [unique_id "ajHU3ZJ7xoxHJ8yx-dKQ8AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 95.214.55.226

🇷🇺 83.239.108.218

🇷🇴 80.94.92.102

🇺🇸 67.82.199.83

🇺🇸 23.234.111.156

🇺🇸 20.65.193.155

🇧🇷 205.210.31.201

🇧🇷 205.210.31.184

🇧🇷 205.210.31.172

🇳🇱 204.76.203.51

🇻🇪 190.142.97.50

🇲🇽 189.178.84.91

🇦🇷 181.13.110.16

🇧🇷 177.27.76.210

🇺🇸 150.107.38.67

🇺🇸 147.185.132.29

🇺🇸 91.230.168.213

🇬🇧 84.68.28.169

🇧🇬 79.124.40.126

🇺🇦 78.30.208.130