JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 119.94.4.97

119.94.4.97 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 77%: ?

77%

ISP	HOME_DSL
Usage Type	Fixed Line ISP
ASN	AS9299
Hostname(s)	119.94.4.97.static.pldt.net
Domain Name	pldthome.com
Country	🇵🇭 Philippines
City	Manila, National Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 119.94.4.97

Whois 119.94.4.97

IP Abuse Reports for 119.94.4.97:

This IP address has been reported a total of 20 times from 13 distinct sources. 119.94.4.97 was first reported on June 4th 2026, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Marc	2026-06-05 14:07:30 (5 hours ago)	119.94.4.97 - - [05/Jun/2026:16:07:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3457 "-" "WordPress.com ... show more 119.94.4.97 - - [05/Jun/2026:16:07:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3457 "-" "WordPress.com; https://wordpress.com" 119.94.4.97 - - [05/Jun/2026:16:07:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3456 "-" "Jetpack/12.5; WordPress/6.4; http://site11697255.com" 119.94.4.97 - - [05/Jun/2026:16:07:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3456 "-" "Jetpack/12.1; WordPress/6.3; http://site30911422.com" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 09:35:16 (10 hours ago)	(mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 05:35:09.433690 2026] [security2:error] [pid 18533:tid 18533] [client 119.94.4.97:25157] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.94.4.97 (+1 hits since last alert)\|tgaguide.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tgaguide.com"] [uri "/xmlrpc.php"] [unique_id "aiKYTWGJjTNrCw2GZ2co8QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 08:03:14 (11 hours ago)	(mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 04:03:05.749011 2026] [security2:error] [pid 27450:tid 27450] [client 119.94.4.97:23523] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.94.4.97 (+1 hits since last alert)\|hotelkona.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hotelkona.com"] [uri "/xmlrpc.php"] [unique_id "aiKCuUbPt4BfakIP2fl0sQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-05 07:24:47 (12 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-05 06:23:07 (13 hours ago)	(mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 02:22:59.727707 2026] [security2:error] [pid 14930:tid 14930] [client 119.94.4.97:23476] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.94.4.97 (+1 hits since last alert)\|crr-construction.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "crr-construction.com"] [uri "/xmlrpc.php"] [unique_id "aiJrQ1szukYFjI8EknR2BQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 05:01:18 (14 hours ago)	(mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 01:01:14.283888 2026] [security2:error] [pid 16697:tid 16697] [client 119.94.4.97:22498] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.94.4.97 (+1 hits since last alert)\|eye7graphics.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eye7graphics.com"] [uri "/xmlrpc.php"] [unique_id "aiJYGsC2b2snkxip9Dl0mgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 04:35:18 (15 hours ago)	(mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 00:35:10.871309 2026] [security2:error] [pid 6336:tid 6336] [client 119.94.4.97:23893] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.94.4.97 (+1 hits since last alert)\|mfleetservice.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mfleetservice.com"] [uri "/xmlrpc.php"] [unique_id "aiJR_sE5pW4f95rrjRXZqwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 04:24:21 (15 hours ago)	[redacted] 119.94.4.97 - - [05/Jun/2026:06:23:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jet ... show more [redacted] 119.94.4.97 - - [05/Jun/2026:06:23:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.1; WordPress/6.4; http://site39697688.com" [redacted] 119.94.4.97 - - [05/Jun/2026:06:23:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" [redacted] 119.94.4.97 - - [05/Jun/2026:06:24:00 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" [redacted] 119.94.4.97 - - [05/Jun/2026:06:24:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "WordPress.com; https://wordpress.com" [redacted] 119.94.4.97 - - [05/Jun/2026:06:24:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 02:54:06 (17 hours ago)	(mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 22:54:02.450822 2026] [security2:error] [pid 1062:tid 1062] [client 119.94.4.97:23071] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.94.4.97 (+1 hits since last alert)\|forerunnersjazz.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "forerunnersjazz.org"] [uri "/xmlrpc.php"] [unique_id "aiI6Svqo-845dh4E9vSX8AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-05 02:52:10 (17 hours ago)	Attac	Brute-Force
🇫🇷 masterguru	2026-06-05 02:41:03 (17 hours ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 WeekendWeb	2026-06-05 01:08:21 (18 hours ago)	Wordpress Vunerability attack	Web App Attack
Anonymous	2026-06-04 19:06:05 (1 day ago)	Trying to access config files	Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 19:01:06 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 119.94.4.97 (119.94.4.97.static.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 15:01:00.682975 2026] [security2:error] [pid 10355:tid 10355] [client 119.94.4.97:22990] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 119.94.4.97 (+1 hits since last alert)\|protection4allsecurity.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "protection4allsecurity.com"] [uri "/xmlrpc.php"] [unique_id "aiHLbLU3Tf2kLrka0osd1gAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 bigwavedave	2026-06-04 18:29:16 (1 day ago)	Wordpress Attack	Web App Attack

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇹 213.205.79.50

🇨🇭 209.99.189.174

🇬🇧 194.50.235.137

🇻🇳 27.79.46.13

🇩🇪 212.132.120.41

🇫🇷 185.255.126.17

🇨🇳 182.54.23.140

🇨🇳 175.0.39.216

🇳🇬 152.32.140.218

🇨🇳 120.242.170.100

🇨🇳 115.63.124.51

🇺🇸 45.156.129.63

🇳🇱 45.148.10.121

🇬🇧 195.206.182.219

🇬🇧 178.62.31.124

🇺🇸 172.121.129.157

🇺🇸 154.197.57.177

🇨🇳 114.234.101.12

🇺🇸 86.111.187.169

🇳🇱 45.148.10.141