JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.48.220.237

39.48.220.237 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 54%: ?

54%

ISP	Pakistan Telecommuication company limited
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Karachi, Sindh

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.48.220.237

Whois 39.48.220.237

IP Abuse Reports for 39.48.220.237:

This IP address has been reported a total of 15 times from 11 distinct sources. 39.48.220.237 was first reported on June 11th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇾 Rizzy	2026-06-16 06:35:49 (1 week ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 08:21:14 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:21:08.711387 2026] [security2:error] [pid 16277:tid 16295] [client 39.48.220.237:50059] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.220.237 (+1 hits since last alert)\|luxury.management\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "luxury.management"] [uri "/xmlrpc.php"] [unique_id "ai-19NumX9axht-dg3jr0gAAANA"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-15 07:37:54 (1 week ago)	Blocked by CSF 13 firewall - Rule: XMLRPC PK/Pakistan/-	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 07:29:42 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:29:34.965371 2026] [security2:error] [pid 8052:tid 8052] [client 39.48.220.237:63602] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.220.237 (+1 hits since last alert)\|mariettacaseyclub.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mariettacaseyclub.org"] [uri "/xmlrpc.php"] [unique_id "ai-p3sr0LT2oWmIOzTXQnwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-15 07:29:21 (1 week ago)	4.840 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
Anonymous	2026-06-15 05:51:06 (1 week ago)	[redacted] 39.48.220.237 - - [15/Jun/2026:07:50:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "W ... show more [redacted] 39.48.220.237 - - [15/Jun/2026:07:50:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" [redacted] 39.48.220.237 - - [15/Jun/2026:07:50:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" [redacted] 39.48.220.237 - - [15/Jun/2026:07:50:47 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)" [redacted] 39.48.220.237 - - [15/Jun/2026:07:50:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" [redacted] 39.48.220.237 - - [15/Jun/2026:07:51:05 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 05:05:47 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 01:05:41.700646 2026] [security2:error] [pid 24410:tid 24410] [client 39.48.220.237:61166] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.220.237 (+1 hits since last alert)\|lacycustombuilt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lacycustombuilt.com"] [uri "/xmlrpc.php"] [unique_id "ai-IJUMCiRIcVdcBqUEsUwAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-13 10:45:21 (1 week ago)	(wordpress) Failed wordpress login from 39.48.220.237 (PK/Pakistan/-): (CF_ENABLE)	Brute-Force
Anonymous	2026-06-13 10:29:08 (1 week ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇫🇷 masterguru	2026-06-13 08:41:43 (2 weeks ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 factor1	2026-06-13 08:10:21 (2 weeks ago)	Fail2ban at churndash Reports Abuse.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 09:27:49 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 05:27:44.935260 2026] [security2:error] [pid 15058:tid 15058] [client 39.48.220.237:51450] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.220.237 (+1 hits since last alert)\|uphillfarmvt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "uphillfarmvt.com"] [uri "/xmlrpc.php"] [unique_id "aivREGCVei0O2rxsJPVBCAAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-12 04:49:18 (2 weeks ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 11:53:40 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 39.48.220.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:53:33.994845 2026] [security2:error] [pid 11556:tid 11556] [client 39.48.220.237:10021] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.48.220.237 (+1 hits since last alert)\|misogynyis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "misogynyis.com"] [uri "/xmlrpc.php"] [unique_id "aiqhvYQkLMKAfzY8Ff9Y0wAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 konseptit	2026-06-11 10:50:45 (2 weeks ago)	(wordpress) Failed wordpress login from 39.48.220.237 (PK/Pakistan/-)	Brute-Force

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 183.131.24.109

🇨🇳 175.10.38.108

🇿🇦 168.206.117.233

🇺🇸 162.216.149.64

🇺🇸 107.151.197.182

🇨🇳 106.4.161.213

🇮🇳 103.199.191.27

🇺🇸 71.6.199.65

🇬🇧 35.203.211.232

🇵🇰 223.123.73.234

🇰🇷 210.99.124.119

🇧🇪 198.235.24.173

🇳🇱 176.65.149.236

🇨🇦 142.189.24.229

🇺🇸 100.29.192.77

🇸🇾 82.137.243.123

🇺🇸 65.49.1.171

🇨🇳 14.18.113.167

🇧🇷 189.6.245.60

🇮🇩 180.252.143.31