๐บ๐ธ
TPI-Abuse
2026-06-16 04:48:51
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 00:48:45.397522 2026] [security2:error] [pid 25601:tid 25601] [client 110.137.130.144:50451] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.137.130.144 (+1 hits since last alert)|versallis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "versallis.com"] [uri "/xmlrpc.php"] [unique_id "ajDVrS8iZqlxXKEwRU5Q_AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 04:21:49
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 00:21:40.576398 2026] [security2:error] [pid 10013:tid 10013] [client 110.137.130.144:57443] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.137.130.144 (+1 hits since last alert)|directcch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "directcch.com"] [uri "/xmlrpc.php"] [unique_id "ajDPVE4xsbIQuinjgcU-VwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2026-06-16 01:07:49
(2 weeks ago)
110.137.130.144 - [16/Jun/2026:04:07:39 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack/12 ...
show more
110.137.130.144 - [16/Jun/2026:04:07:39 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack/12.0; WordPress/6.1; http://site84772539.com" "-"
110.137.130.144 - [16/Jun/2026:04:07:48 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18050 "-" "WordPress.com; https://wordpress.com" "-"
...
show less
Hacking
Brute-Force
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2026-06-16 00:51:58
(2 weeks ago)
110.137.130.144 - [16/Jun/2026:03:51:49 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack by ...
show more
110.137.130.144 - [16/Jun/2026:03:51:49 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18963 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" "-"
110.137.130.144 - [16/Jun/2026:03:51:57 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18050 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)" "-"
...
show less
Hacking
Brute-Force
Web App Attack
๐ง๐ท
dominioz
2026-06-15 17:06:50
(2 weeks ago)
2026-06-15 17:03:29 POST /xmlrpc.php - - 110.137.130.144 HTTP/1.1 WordPress.com;+https://wordpress.c ...
show more
2026-06-15 17:03:29 POST /xmlrpc.php - - 110.137.130.144 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650
2026-06-15 17:04:35 POST /xmlrpc.php - - 110.137.130.144 HTTP/1.1 Jetpack+by+WordPress.com - 200 650
2026-06-15 17:05:17 POST /xmlrpc.php - - 110.137.130.144 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650
2026-06-15 17:05:51 POST /xmlrpc.php - - 110.137.130.144 HTTP/1.1 Jetpack+by+WordPress.com - 200 650
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 15:11:45
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 11:11:38.017526 2026] [security2:error] [pid 21322:tid 21322] [client 110.137.130.144:65311] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.137.130.144 (+1 hits since last alert)|greenlight.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greenlight.us"] [uri "/xmlrpc.php"] [unique_id "ajAWKmq0mdaRbb3mr6MgtAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 09:07:21
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:07:16.361604 2026] [security2:error] [pid 1984:tid 1984] [client 110.137.130.144:59711] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.137.130.144 (+1 hits since last alert)|iuriscorpabc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iuriscorpabc.com"] [uri "/xmlrpc.php"] [unique_id "ai_AxO6-o80D0a5Cv69ziwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 07:03:13
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:03:05.666499 2026] [security2:error] [pid 24956:tid 24956] [client 110.137.130.144:49534] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.137.130.144 (+1 hits since last alert)|telecompros.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "telecompros.net"] [uri "/xmlrpc.php"] [unique_id "ai-jqQ3x6lToiUb61Y-rlgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-15 06:42:21
(2 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 02:30:27
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 110.137.130.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:30:19.742340 2026] [security2:error] [pid 17845:tid 17845] [client 110.137.130.144:59886] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.137.130.144 (+1 hits since last alert)|celltechs.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "celltechs.net"] [uri "/xmlrpc.php"] [unique_id "ai9ju0AzGSN05ta4QcFp8QAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack