Anonymous
2026-07-11 09:41:29
(53 minutes ago)
[redacted] 59.97.139.80 - - [11/Jul/2026:11:40:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ...
show more
[redacted] 59.97.139.80 - - [11/Jul/2026:11:40:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.3; http://site93348847.com"
[redacted] 59.97.139.80 - - [11/Jul/2026:11:40:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 59.97.139.80 - - [11/Jul/2026:11:41:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site40986035.com"
[redacted] 59.97.139.80 - - [11/Jul/2026:11:41:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.2; http://site76269138.com"
[redacted] 59.97.139.80 - - [11/Jul/2026:11:41:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-09 10:08:37
(2 days ago)
[redacted] 59.97.139.80 - - [09/Jul/2026:12:07:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ...
show more
[redacted] 59.97.139.80 - - [09/Jul/2026:12:07:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.3; http://site23952790.com"
[redacted] 59.97.139.80 - - [09/Jul/2026:12:08:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 59.97.139.80 - - [09/Jul/2026:12:08:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
[redacted] 59.97.139.80 - - [09/Jul/2026:12:08:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 59.97.139.80 - - [09/Jul/2026:12:08:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 07:06:06
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 59.97.139.80 (static.ill.59.97.139.80.bsnl.co.i ...
show more
(mod_security) mod_security (id:240335) triggered by 59.97.139.80 (static.ill.59.97.139.80.bsnl.co.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 03:05:57.989491 2026] [security2:error] [pid 24690:tid 24690] [client 59.97.139.80:57738] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 59.97.139.80 (+1 hits since last alert)|fattoria-rendena.it|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fattoria-rendena.it"] [uri "/xmlrpc.php"] [unique_id "ak9IVXUnmu2JfnlRped5WgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-06 10:24:58
(5 days ago)
(xmlrpc) Apache: Failed xmlrpc access from 59.97.139.80 (IN/India/static.ill.59.97.139.80.bsnl.co.in ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 59.97.139.80 (IN/India/static.ill.59.97.139.80.bsnl.co.in): 10 in the last 3600 secs (0-201)
show less
Hacking
๐ง๐ท
dominioz
2026-07-06 05:52:55
(5 days ago)
2026-07-06 05:52:08 POST /xmlrpc.php - - 59.97.139.80 HTTP/1.1 Jetpack+by+WordPress.com - 200 650
20 ...
show more
2026-07-06 05:52:08 POST /xmlrpc.php - - 59.97.139.80 HTTP/1.1 Jetpack+by+WordPress.com - 200 650
2026-07-06 05:52:17 POST /xmlrpc.php - - 59.97.139.80 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650
2026-07-06 05:52:28 POST /xmlrpc.php - - 59.97.139.80 HTTP/1.1 Jetpack+by+WordPress.com+(Jetpack+13.0;+WordPress+6.1) - 200 650
2026-07-06 05:52:40 POST /xmlrpc.php - - 59.97.139.80 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650
...
show less
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-02 10:23:08
(1 week ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/-
Web App Attack
๐ฉ๐ช
Marc
2026-07-01 09:06:51
(1 week ago)
59.97.139.80 - - [01/Jul/2026:11:06:29 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3466 "-" "Jetpack by W ...
show more
59.97.139.80 - - [01/Jul/2026:11:06:29 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3466 "-" "Jetpack by WordPress.com" 59.97.139.80 - - [01/Jul/2026:11:06:39 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3467 "-" "Jetpack by WordPress.com" 59.97.139.80 - - [01/Jul/2026:11:06:50 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3467 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
show less
Brute-Force
Web App Attack
๐ช๐ธ
alferez
2026-06-30 07:16:18
(1 week ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 07:14:13
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 59.97.139.80 (static.ill.59.97.139.80.bsnl.co.i ...
show more
(mod_security) mod_security (id:240335) triggered by 59.97.139.80 (static.ill.59.97.139.80.bsnl.co.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:14:08.114879 2026] [security2:error] [pid 26143:tid 26143] [client 59.97.139.80:12168] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 59.97.139.80 (+1 hits since last alert)|calvarycavaliers.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "calvarycavaliers.org"] [uri "/xmlrpc.php"] [unique_id "akNswJSOK_jHpgPjzSClBAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-22 06:41:04
(2 weeks ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ซ๐ท
masterguru
2026-06-22 05:37:52
(2 weeks ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ฒ๐พ
Rizzy
2026-06-17 06:51:17
(3 weeks ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-17 06:05:36
(3 weeks ago)
59.97.139.80 - - [17/Jun/2026:08:05:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12.1 ...
show more
59.97.139.80 - - [17/Jun/2026:08:05:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12.1; WordPress/6.2; http://site85057103.com"
59.97.139.80 - - [17/Jun/2026:08:05:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)"
59.97.139.80 - - [17/Jun/2026:08:05:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "WordPress.com; https://wordpress.com"
show less
Hacking
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-17 05:50:10
(3 weeks ago)
59.97.139.80 - - [17/Jun/2026:07:49:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by W ...
show more
59.97.139.80 - - [17/Jun/2026:07:49:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)"
59.97.139.80 - - [17/Jun/2026:07:49:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12.1; WordPress/6.4; http://site66919439.com"
59.97.139.80 - - [17/Jun/2026:07:50:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/12.1; WordPress/6.2; http://site10273604.com"
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 06:57:06
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 59.97.139.80 (static.ill.59.97.139.80.bsnl.co.i ...
show more
(mod_security) mod_security (id:240335) triggered by 59.97.139.80 (static.ill.59.97.139.80.bsnl.co.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:57:02.172340 2026] [security2:error] [pid 23504:tid 23504] [client 59.97.139.80:51265] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 59.97.139.80 (+1 hits since last alert)|livingminimal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "livingminimal.com"] [uri "/xmlrpc.php"] [unique_id "ajDzvjrGSni2CiLkwFYOnQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack