JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.47.19.72

39.47.19.72 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 41%: ?

41%

ISP	Pakistan Telecommuication company limited
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Peshawar, Khyber Pakhtunkhwa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.47.19.72

Whois 39.47.19.72

IP Abuse Reports for 39.47.19.72:

This IP address has been reported a total of 12 times from 6 distinct sources. 39.47.19.72 was first reported on June 17th 2026, and the most recent report was 59 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 dynamix	2026-06-20 09:53:43 (59 minutes ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 06:53:04 (3 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 02:52:56.281393 2026] [security2:error] [pid 17449:tid 17449] [client 39.47.19.72:2463] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.47.19.72 (+1 hits since last alert)\|doreenkimura.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doreenkimura.com"] [uri "/xmlrpc.php"] [unique_id "ajY4yFXMGDG0_aN8Fz5B3gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 06:21:42 (4 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 02:21:37.051803 2026] [security2:error] [pid 8877:tid 8877] [client 39.47.19.72:45569] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.47.19.72 (+1 hits since last alert)\|nekstlevel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nekstlevel.com"] [uri "/xmlrpc.php"] [unique_id "ajYxcWLxvOleRHRezOY7jwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 NewWavesApp	2026-06-19 11:20:55 (23 hours ago)	(wordpress) Failed wordpress login from 39.47.19.72 (PK/Pakistan/-): (CF_ENABLE)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-19 10:27:17 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 06:27:11.386922 2026] [security2:error] [pid 29306:tid 29316] [client 39.47.19.72:38195] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.47.19.72 (+1 hits since last alert)\|jpdesign.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jpdesign.us"] [uri "/xmlrpc.php"] [unique_id "ajUZf9__osfEwShcusOvCAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 08:43:37 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 04:43:30.221061 2026] [security2:error] [pid 30301:tid 30301] [client 39.47.19.72:37103] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.47.19.72 (+1 hits since last alert)\|celltechs.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "celltechs.net"] [uri "/xmlrpc.php"] [unique_id "ajUBMpDwfLU04Ar131moqgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 08:10:52 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 04:10:46.365235 2026] [security2:error] [pid 5801:tid 5801] [client 39.47.19.72:16989] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.47.19.72 (+1 hits since last alert)\|canebrakes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "canebrakes.com"] [uri "/xmlrpc.php"] [unique_id "ajT5hiw7MBwseKGTd1pDLQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-18 09:47:30 (2 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
Anonymous	2026-06-18 07:16:25 (2 days ago)	[ns41.kdns.gr] httpd-xmlrpc-post: sites=medisto.gr; logs=/var/log/httpd/domains/medisto.gr.log; samp ... show more [ns41.kdns.gr] httpd-xmlrpc-post: sites=medisto.gr; logs=/var/log/httpd/domains/medisto.gr.log; samples=/xmlrpc.php show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-18 06:14:35 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.47.19.72 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 02:14:32.729288 2026] [security2:error] [pid 7189:tid 7189] [client 39.47.19.72:31273] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.47.19.72 (+1 hits since last alert)\|tracytappan.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tracytappan.net"] [uri "/xmlrpc.php"] [unique_id "ajOMyLMG4hbg4ULt5HgQPQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 konseptit	2026-06-17 11:17:42 (2 days ago)	(wordpress) Failed wordpress login from 39.47.19.72 (PK/Pakistan/-)	Brute-Force
🇫🇷 masterguru	2026-06-17 11:16:54 (2 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 80.94.92.167

🇺🇸 66.132.172.127

🇸🇬 47.128.111.117

🇩🇪 164.92.161.148

🇺🇸 162.216.149.138

🇮🇳 106.213.85.217

🇬🇧 92.40.214.156

🇮🇷 84.47.208.168

🇨🇳 59.48.40.6

🇷🇺 46.8.245.94

🇷🇴 2.57.122.98

🇩🇪 213.209.159.238

🇺🇸 172.234.199.190

🇬🇧 87.236.176.227

🇧🇬 79.124.49.70

🇺🇸 35.197.118.118

🇨🇦 20.104.244.165

🇺🇸 20.46.225.117

🇨🇳 116.179.32.152

🇮🇳 103.196.78.53