JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.48.200.58

39.48.200.58 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 44%: ?

44%

ISP	Pakistan Telecommuication company limited
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.48.200.58

Whois 39.48.200.58

IP Abuse Reports for 39.48.200.58:

This IP address has been reported a total of 10 times from 6 distinct sources. 39.48.200.58 was first reported on June 15th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tecnicorioja	2026-06-15 22:00:25 (6 hours ago)	POST /xmlrpc.php [15/Jun/2026:05:36:51	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 11:51:36 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 07:51:33.065627 2026] [security2:error] [pid 13602:tid 13602] [client 39.48.200.58:22945] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.200.58 (+1 hits since last alert)\|technesa.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "technesa.com"] [uri "/xmlrpc.php"] [unique_id "ai_nRdGlH1Ng6lDQJPjnTgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 09:20:01 (19 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:19:58.181136 2026] [security2:error] [pid 28818:tid 28837] [client 39.48.200.58:14269] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.200.58 (+1 hits since last alert)\|vancekelly.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vancekelly.com"] [uri "/xmlrpc.php"] [unique_id "ai_DvsRIphRj0RdOLyUpsQAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-15 07:51:27 (20 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇨🇦 Dolphi	2026-06-15 07:40:02 (21 hours ago)	Excessive POST /xmlrpc.php requests	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 06:24:25 (22 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 02:24:21.861608 2026] [security2:error] [pid 11566:tid 11566] [client 39.48.200.58:57759] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.200.58 (+1 hits since last alert)\|mdsshop.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mdsshop.com"] [uri "/xmlrpc.php"] [unique_id "ai-alRExsOUlojNCgSalJQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-15 05:25:29 (23 hours ago)	4.635 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 05:22:43 (23 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:22:39.287592 2026] [security2:error] [pid 26664:tid 26664] [client 39.48.200.58:37767] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.200.58 (+1 hits since last alert)\|writebetweenthelines.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "writebetweenthelines.com"] [uri "/xmlrpc.php"] [unique_id "ai-MH3HlI9hR46-prP6XbwAAADA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 04:21:47 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 39.48.200.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:21:43.675199 2026] [security2:error] [pid 19544:tid 19563] [client 39.48.200.58:14127] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.200.58 (+1 hits since last alert)\|metalartgate.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "metalartgate.com"] [uri "/xmlrpc.php"] [unique_id "ai991-PG3TByPonrsB62pQAAAZA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 grassau.com	2026-06-15 04:19:37 (1 day ago)	(wordpress) Failed wordpress login from 39.48.200.58 (PK/Pakistan/Sindh/Karachi/-)	Brute-Force

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 91.92.40.204

🇹🇷 78.189.47.245

🇻🇳 27.71.84.131

🇬🇧 2a06:4880:8000::

🇮🇳 223.185.134.41

🇧🇪 198.235.24.230

🇩🇪 195.230.103.247

🇵🇰 182.180.91.158

🇨🇱 179.60.66.215

🇺🇸 157.230.63.205

🇺🇸 134.209.120.216

🇮🇳 117.250.107.180

🇺🇸 65.49.1.85

🇧🇷 45.70.164.151

🇨🇳 42.51.32.228

🇬🇧 35.203.210.8

🇿🇦 196.192.181.202

🇵🇱 194.165.16.161

🇧🇷 187.111.28.131

🇦🇺 103.208.219.38