๐ฉ๐ช
neckaralb-admin.de
2026-07-11 17:00:20
(37 minutes ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-07-10 20:21:35
(21 hours ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 18:08:58
(23 hours ago)
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 14:08:50.459284 2026] [security2:error] [pid 19297:tid 19297] [client 102.66.144.42:26943] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.66.144.42 (+1 hits since last alert)|lysedzija.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lysedzija.com"] [uri "/xmlrpc.php"] [unique_id "alE1Mt7xr_osbtJfnzDyXgAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 16:55:59
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 12:55:53.769193 2026] [security2:error] [pid 1019:tid 1019] [client 102.66.144.42:2132] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.66.144.42 (+1 hits since last alert)|iplayriichi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iplayriichi.com"] [uri "/xmlrpc.php"] [unique_id "alEkGecuHDhUfX9cPFPm_QAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-10 15:26:16
(1 day ago)
102.66.144.42 - - [10/Jul/2026:11:23:45 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.c ...
show more
102.66.144.42 - - [10/Jul/2026:11:23:45 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
102.66.144.42 - - [10/Jul/2026:11:25:21 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
102.66.144.42 - - [10/Jul/2026:11:25:43 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
102.66.144.42 - - [10/Jul/2026:11:25:53 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
102.66.144.42 - - [10/Jul/2026:11:26:15 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5724 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 12:51:18
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 08:51:10.859001 2026] [security2:error] [pid 14241:tid 14241] [client 102.66.144.42:64713] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.66.144.42 (+1 hits since last alert)|forefrontmusic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "forefrontmusic.com"] [uri "/xmlrpc.php"] [unique_id "alDqvjP34iYuGNkL6k_EegAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 21:02:36
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 17:02:30.396310 2026] [security2:error] [pid 10060:tid 10074] [client 102.66.144.42:40977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.66.144.42 (+1 hits since last alert)|teritemme.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "teritemme.com"] [uri "/xmlrpc.php"] [unique_id "alAMZnOnm0SvfmsumpyPOgAAAQE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Kenshin869
2026-07-09 17:57:01
(1 day ago)
Wordpress unauthorized access attempt
Brute-Force
Anonymous
2026-07-09 13:46:40
(2 days ago)
[redacted] 102.66.144.42 - - [09/Jul/2026:15:45:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ...
show more
[redacted] 102.66.144.42 - - [09/Jul/2026:15:45:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 102.66.144.42 - - [09/Jul/2026:15:46:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site60672791.com"
[redacted] 102.66.144.42 - - [09/Jul/2026:15:46:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 102.66.144.42 - - [09/Jul/2026:15:46:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 102.66.144.42 - - [09/Jul/2026:15:46:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.1; http://site23990467.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 10:50:41
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 06:50:36.546568 2026] [security2:error] [pid 15914:tid 15914] [client 102.66.144.42:60931] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.66.144.42 (+1 hits since last alert)|braintechsoftwaresolutions.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "braintechsoftwaresolutions.com"] [uri "/xmlrpc.php"] [unique_id "ak98_Nnp1xWu668fF-T5uwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-08 21:45:07
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-08 14:10:06
(3 days ago)
(wordpress) Failed wordpress login from 102.66.144.42 (-)
Brute-Force
๐บ๐ธ
TAY
2026-07-08 12:28:34
(3 days ago)
102.66.144.42 - - [08/Jul/2026:20:28:12 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6389 "-" "Jetpack/12. ...
show more
102.66.144.42 - - [08/Jul/2026:20:28:12 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6389 "-" "Jetpack/12.5; WordPress/6.1; http://site37612968.com"
102.66.144.42 - - [08/Jul/2026:20:28:22 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6389 "-" "Jetpack by WordPress.com"
102.66.144.42 - - [08/Jul/2026:20:28:33 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6389 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
...
show less
Brute-Force
๐ช๐ธ
alferez
2026-07-08 08:02:38
(3 days ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 20:18:09
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.66.144.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 16:18:04.701503 2026] [security2:error] [pid 9959:tid 9959] [client 102.66.144.42:27814] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.66.144.42 (+1 hits since last alert)|webuychesterfieldhouses.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "webuychesterfieldhouses.com"] [uri "/xmlrpc.php"] [unique_id "ak1e_IFTiC2LoNS9E37QfQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack