๐บ๐ธ
integrantservices.com
2026-07-09 08:47:10
(18 hours ago)
(wordpress) Failed wordpress login from 103.137.148.42 (IN/India/-)
Brute-Force
๐ซ๐ฎ
YF
2026-07-06 13:00:25
(3 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
Anonymous
2026-07-06 12:44:04
(3 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-07-06 05:53:46
(3 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 07:04:12
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 103.137.148.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.137.148.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 03:04:06.104499 2026] [security2:error] [pid 18685:tid 18685] [client 103.137.148.42:52834] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.137.148.42 (+1 hits since last alert)|bigholegolf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigholegolf.com"] [uri "/xmlrpc.php"] [unique_id "ajTp5hIBLAOAPxzPC_NZIQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-18 14:27:19
(3 weeks ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ซ๐ท
dynamix
2026-06-18 06:57:29
(3 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 13:41:48
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 103.137.148.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.137.148.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 09:41:40.796496 2026] [security2:error] [pid 23484:tid 23484] [client 103.137.148.42:53335] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.137.148.42 (+1 hits since last alert)|theyoungstrategist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theyoungstrategist.com"] [uri "/xmlrpc.php"] [unique_id "ajKkFGLmividA064Nqg3nwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TAY
2026-06-09 07:35:18
(1 month ago)
103.137.148.42 - - [09/Jun/2026:15:34:56 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack/12 ...
show more
103.137.148.42 - - [09/Jun/2026:15:34:56 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack/12.1; WordPress/6.4; http://site24863881.com"
103.137.148.42 - - [09/Jun/2026:15:35:07 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "WordPress.com; https://wordpress.com"
103.137.148.42 - - [09/Jun/2026:15:35:17 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "WordPress.com; https://wordpress.com"
...
show less
Brute-Force
๐ฉ๐ช
rh24
2026-06-09 05:01:04
(1 month ago)
(xmlrpc_405) XMLRPC-Bot 405 103.137.148.42 (IN/India/-)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-03 08:59:36
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 103.137.148.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.137.148.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 04:59:28.942422 2026] [security2:error] [pid 30724:tid 30724] [client 103.137.148.42:58918] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.137.148.42 (+1 hits since last alert)|karenbernsteinlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "karenbernsteinlaw.com"] [uri "/xmlrpc.php"] [unique_id "ah_s8EjRiDcDjxdr68mAVAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-30 14:17:36
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 103.137.148.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.137.148.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 10:17:28.251909 2026] [security2:error] [pid 32430:tid 32430] [client 103.137.148.42:55198] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.137.148.42 (+1 hits since last alert)|solarfarms.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "solarfarms.info"] [uri "/xmlrpc.php"] [unique_id "ahrxeH42gsRJzvFqfy9iWwAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ad0lar
2025-04-15 10:40:38
(1 year ago)
ports, 445/24H:1/7D:1
Port Scan
๐น๐ท
rtbh.com.tr
2025-03-28 12:48:31
(1 year ago)
list.rtbh.com.tr report: tcp/445
Brute-Force
๐ฉ๐ช
kalof
2025-03-28 09:41:16
(1 year ago)
ports, 445/24H:1/7D:1
Port Scan