JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 39.56.12.73

39.56.12.73 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 54%: ?

54%

ISP	Pakistan Telecommuication company limited
Usage Type	Fixed Line ISP
ASN	AS17557
Domain Name	ptcl.net.pk
Country	🇵🇰 Pakistan
City	Gujrat, Punjab

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 39.56.12.73

Whois 39.56.12.73

IP Abuse Reports for 39.56.12.73:

This IP address has been reported a total of 13 times from 8 distinct sources. 39.56.12.73 was first reported on June 27th 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-28 09:49:35 (8 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇲🇾 Rizzy	2026-06-28 09:49:16 (8 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-28 08:17:18 (10 hours ago)	(wordpress) Failed wordpress login from 39.56.12.73 (PK/Pakistan/-)	Brute-Force
Anonymous	2026-06-28 05:45:34 (12 hours ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-28 04:13:15 (14 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:13:07.618520 2026] [security2:error] [pid 21586:tid 21586] [client 39.56.12.73:56021] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.56.12.73 (+1 hits since last alert)\|k2servicesinc.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "k2servicesinc.net"] [uri "/xmlrpc.php"] [unique_id "akCfU7XgBP5-y3y1ZaKC-gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-28 02:38:51 (15 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-28 00:38:44 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 20:38:40.640312 2026] [security2:error] [pid 14998:tid 14998] [client 39.56.12.73:59956] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.56.12.73 (+1 hits since last alert)\|fishleadership.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fishleadership.org"] [uri "/xmlrpc.php"] [unique_id "akBtEKTe-BTjD7Tbbs6ZAAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 20:54:27 (21 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:54:21.918925 2026] [security2:error] [pid 12644:tid 12644] [client 39.56.12.73:50036] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.56.12.73 (+1 hits since last alert)\|rdhtrucking.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rdhtrucking.com"] [uri "/xmlrpc.php"] [unique_id "akA4fetj4a6nVKq_Hale2gAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Marc	2026-06-27 20:50:47 (21 hours ago)	39.56.12.73 - - [27/Jun/2026:22:50:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3419 "-" "Jetpack by Wo ... show more 39.56.12.73 - - [27/Jun/2026:22:50:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3419 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)" 39.56.12.73 - - [27/Jun/2026:22:50:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3465 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" 39.56.12.73 - - [27/Jun/2026:22:50:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3465 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 18:39:36 (23 hours ago)	(mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 14:39:30.392995 2026] [security2:error] [pid 26984:tid 27003] [client 39.56.12.73:52728] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.56.12.73 (+1 hits since last alert)\|cynosureinternetservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosureinternetservices.com"] [uri "/xmlrpc.php"] [unique_id "akAY4sL_A_RDEisRFfIiSQAAAJA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 10:31:09 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:31:02.270250 2026] [security2:error] [pid 31989:tid 32003] [client 39.56.12.73:54410] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.56.12.73 (+1 hits since last alert)\|rawhabitat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rawhabitat.com"] [uri "/xmlrpc.php"] [unique_id "aj-mZgVg3LUjtmM3N5ZdugAAAUw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 06:50:32 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 39.56.12.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:50:25.927582 2026] [security2:error] [pid 11534:tid 11534] [client 39.56.12.73:51319] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 39.56.12.73 (+1 hits since last alert)\|theamarals.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theamarals.com"] [uri "/xmlrpc.php"] [unique_id "aj9ysUYuyjjeg4EllUEOEgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 akasolutions.de	2026-06-27 05:47:06 (1 day ago)	(wordpress) Failed wordpress login from 39.56.12.73 (PK/Pakistan/-)	Brute-Force

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.221

🇸🇬 172.188.89.41

🇱🇰 112.135.182.103

🇳🇱 91.92.40.7

🇺🇸 74.94.234.151

🇰🇷 221.162.218.85

🇲🇽 187.189.214.162

🇷🇺 185.26.30.112

🇨🇳 183.230.155.13

🇻🇳 113.171.81.144

🇷🇺 93.77.187.140

🇿🇼 74.244.197.230

🇩🇪 2a01:4f8:150:13a5::100:38

🇹🇼 198.235.24.92

🇺🇸 185.226.196.25

🇨🇳 116.172.130.79

🇬🇦 102.208.104.197

🇺🇸 74.125.181.156

🇸🇰 66.56.86.57

🇻🇳 14.225.173.146