JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 59.97.237.144

59.97.237.144 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

ISP	Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore
Usage Type	Fixed Line ISP
ASN	AS9829
Hostname(s)	static.ftth.nnd.59.97.237.144.bsnl.in
Domain Name	bsnl.in
Country	🇮🇳 India
City	Nagpur, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 59.97.237.144

Whois 59.97.237.144

IP Abuse Reports for 59.97.237.144:

This IP address has been reported a total of 32 times from 22 distinct sources. 59.97.237.144 was first reported on June 10th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-13 09:45:09 (3 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-06-13 05:38:37 (7 hours ago)		Bad Web Bot Web App Attack
🇬🇧 noise.agency	2026-06-13 04:30:56 (9 hours ago)	(wordpress) Failed wordpress login from 59.97.237.144 (IN/India/static.ftth.nnd.59.97.237.144.bsnl.i ... show more (wordpress) Failed wordpress login from 59.97.237.144 (IN/India/static.ftth.nnd.59.97.237.144.bsnl.in) show less	Brute-Force
🇬🇷 setupgr	2026-06-12 12:54:39 (1 day ago)	(XMLRPC) WP XMLPRC Attack 59.97.237.144: 1 in the last 86400 secs; Ports: ; Direction: inout; Trigg ... show more (XMLRPC) WP XMLPRC Attack 59.97.237.144: 1 in the last 86400 secs; Ports: ; Direction: inout; Trigger: LF_TRIGGER; Logs: 59.97.237.144 - - [12/Jun/2026:15:52:36 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18924 "-" "WordPress.com; https://wordpress.com" show less	Port Scan
Anonymous	2026-06-12 11:07:50 (1 day ago)	59.97.237.144 - - [12/Jun/2026:13:07:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by W ... show more 59.97.237.144 - - [12/Jun/2026:13:07:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by WordPress.com" 59.97.237.144 - - [12/Jun/2026:13:07:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 59.97.237.144 - - [12/Jun/2026:13:07:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by WordPress.com" 59.97.237.144 - - [12/Jun/2026:13:07:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 59.97.237.144 - - [12/Jun/2026:13:07:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 624 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" ... show less	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-12 10:57:20 (1 day ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇳🇱 Site.eu	2026-06-12 10:07:44 (1 day ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 lostswordfish.com	2026-06-12 08:50:06 (1 day ago)	Wordfence waf block on pameganslaw	Web App Attack
🇫🇷 dynamix	2026-06-12 08:17:52 (1 day ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 07:35:23 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 59.97.237.144 (static.ftth.nnd.59.97.237.144.bs ... show more (mod_security) mod_security (id:240335) triggered by 59.97.237.144 (static.ftth.nnd.59.97.237.144.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:35:16.674167 2026] [security2:error] [pid 15690:tid 15690] [client 59.97.237.144:63412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 59.97.237.144 (+1 hits since last alert)\|cienmalos.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cienmalos.com"] [uri "/xmlrpc.php"] [unique_id "aiu2tBz85frglP7oA4OvggAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-11 13:58:40 (1 day ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 13:55:49 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 59.97.237.144 (static.ftth.nnd.59.97.237.144.bs ... show more (mod_security) mod_security (id:240335) triggered by 59.97.237.144 (static.ftth.nnd.59.97.237.144.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:55:44.743381 2026] [security2:error] [pid 27836:tid 27836] [client 59.97.237.144:56823] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 59.97.237.144 (+1 hits since last alert)\|passy.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "passy.us"] [uri "/xmlrpc.php"] [unique_id "aiq-YGKN1K7KNV6tQqzFDwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:53:18 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 59.97.237.144 (static.ftth.nnd.59.97.237.144.bs ... show more (mod_security) mod_security (id:240335) triggered by 59.97.237.144 (static.ftth.nnd.59.97.237.144.bsnl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:53:12.259125 2026] [security2:error] [pid 6471:tid 6471] [client 59.97.237.144:53816] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 59.97.237.144 (+1 hits since last alert)\|prostar.industries\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "prostar.industries"] [uri "/xmlrpc.php"] [unique_id "aiqTmB81VBNIAMnxaqdL6wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-11 10:49:06 (2 days ago)	Wordpress Vunerability attack	Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-11 10:48:31 (2 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.108.100.117

🇺🇸 173.244.60.155

🇺🇸 139.177.206.6

🇫🇷 85.217.140.41

🇧🇬 79.124.40.82

🇫🇷 62.210.27.138

🇺🇸 34.58.124.191

🇨🇳 14.103.118.120

🇳🇱 185.93.89.79

🇺🇸 172.236.228.198

🇩🇪 138.246.253.7

🇧🇷 138.204.25.110

🇷🇺 94.19.188.233

🇦🇺 74.91.200.217

🇩🇪 64.89.163.50

🇬🇧 45.82.76.131

🇩🇪 213.209.159.238

🇭🇺 194.180.16.42

🇬🇧 193.163.125.185

🇺🇸 193.3.53.11