๐บ๐ธ
IndigoRidge
2026-07-15 13:30:55
(6 hours ago)
39.59.30.42 - - [15/Jul/2026:09:28:56 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com ...
show more
39.59.30.42 - - [15/Jul/2026:09:28:56 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:09:29:07 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:09:30:01 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:09:30:22 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:09:30:53 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-15 11:58:43
(8 hours ago)
39.59.30.42 - - [15/Jul/2026:07:56:58 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com ...
show more
39.59.30.42 - - [15/Jul/2026:07:56:58 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:07:57:28 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:07:57:39 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:07:58:31 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:07:58:42 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
Anonymous
2026-07-15 11:54:36
(8 hours ago)
[redacted] 39.59.30.42 - - [15/Jul/2026:13:53:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Wor ...
show more
[redacted] 39.59.30.42 - - [15/Jul/2026:13:53:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 39.59.30.42 - - [15/Jul/2026:13:54:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 39.59.30.42 - - [15/Jul/2026:13:54:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site82868898.com"
[redacted] 39.59.30.42 - - [15/Jul/2026:13:54:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.2; http://site22167286.com"
[redacted] 39.59.30.42 - - [15/Jul/2026:13:54:35 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-15 07:43:57
(12 hours ago)
39.59.30.42 - - [15/Jul/2026:03:42:11 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5760 "-" "WordPress.com ...
show more
39.59.30.42 - - [15/Jul/2026:03:42:11 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5760 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:03:42:43 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5744 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:03:42:53 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5744 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:03:43:36 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5744 "-" "WordPress.com; https://wordpress.com"
39.59.30.42 - - [15/Jul/2026:03:43:57 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5728 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 07:41:55
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 03:41:52.704765 2026] [security2:error] [pid 5003:tid 5003] [client 39.59.30.42:60921] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.59.30.42 (+1 hits since last alert)|qed-consulting.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "qed-consulting.co"] [uri "/xmlrpc.php"] [unique_id "alc5wKlIubg1Rt52CkMdHQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-15 05:50:51
(14 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 05:45:54
(14 hours ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 15:51:12
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:51:04.944612 2026] [security2:error] [pid 11762:tid 11764] [client 39.59.30.42:49619] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.59.30.42 (+1 hits since last alert)|sparkhypnotherapy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sparkhypnotherapy.com"] [uri "/xmlrpc.php"] [unique_id "alZa6D37vyPjdpnQCOe85wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 14:49:04
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 10:48:57.681111 2026] [security2:error] [pid 3453:tid 3453] [client 39.59.30.42:53793] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.59.30.42 (+1 hits since last alert)|theopinionatedowl.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theopinionatedowl.com"] [uri "/xmlrpc.php"] [unique_id "alZMWRWcHxz1qbRksjSSDQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 13:50:24
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 09:50:18.770977 2026] [security2:error] [pid 6822:tid 6833] [client 39.59.30.42:58031] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.59.30.42 (+1 hits since last alert)|campingcosmetics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "campingcosmetics.com"] [uri "/xmlrpc.php"] [unique_id "alY-mkqP0nW1TC_vY5UYpwAAAEM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
factor1
2026-07-14 12:12:01
(1 day ago)
Fail2ban at churndash Reports Abuse.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 11:45:10
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 07:45:04.437785 2026] [security2:error] [pid 677467:tid 677467] [client 39.59.30.42:51412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.59.30.42 (+1 hits since last alert)|smilingorc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "smilingorc.com"] [uri "/xmlrpc.php"] [unique_id "alYhQBYhVQ22fmfqwARG2AAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 11:11:55
(1 day ago)
(wordpress) Failed wordpress login from 39.59.30.42 (PK/Pakistan/-)
Brute-Force
Anonymous
2026-07-14 09:08:05
(1 day ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 13:04:03
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.59.30.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 09:03:56.612819 2026] [security2:error] [pid 15911:tid 15911] [client 39.59.30.42:57513] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.59.30.42 (+1 hits since last alert)|kotelbarmitzvah.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kotelbarmitzvah.com"] [uri "/xmlrpc.php"] [unique_id "alTiPLllC5ziUysWPNip2AAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack