๐บ๐ธ
TPI-Abuse
2026-07-06 08:09:50
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:09:42.993369 2026] [security2:error] [pid 22373:tid 22373] [client 120.56.219.141:56240] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.219.141 (+1 hits since last alert)|spacebooger.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "spacebooger.com"] [uri "/xmlrpc.php"] [unique_id "aktixur2FQ8V5xj4MbSz-wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 07:37:37
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:37:34.155499 2026] [security2:error] [pid 11980:tid 11980] [client 120.56.219.141:64285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.219.141 (+1 hits since last alert)|yogawithbubba.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yogawithbubba.com"] [uri "/xmlrpc.php"] [unique_id "aktbPpIrkkIY5oEljXZQIAAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
LTM
2026-07-06 06:20:01
(3 days ago)
WebServer - Attempts to exploit
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 02:00:29
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:00:23.945227 2026] [security2:error] [pid 11637:tid 11637] [client 120.56.219.141:52036] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.219.141 (+1 hits since last alert)|tgaguide.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tgaguide.com"] [uri "/xmlrpc.php"] [unique_id "aksMN_on-OA09pb0DyZ69gAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-06 01:58:30
(3 days ago)
(xmlrpc) Apache: Failed xmlrpc access from 120.56.219.141 (IN/India/-): 10 in the last 3600 secs (0- ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 120.56.219.141 (IN/India/-): 10 in the last 3600 secs (0-201)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-05 20:52:57
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:52:52.950705 2026] [security2:error] [pid 1116:tid 1116] [client 120.56.219.141:49835] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.219.141 (+1 hits since last alert)|assheton.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "assheton.com"] [uri "/xmlrpc.php"] [unique_id "akrEJE6QDxmRf6Mq1MPX1wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 20:37:01
(3 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ง๐ช
cmbplf
2026-07-05 20:14:35
(3 days ago)
11.715 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐ซ๐ท
dynamix
2026-07-05 14:10:39
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 12:30:46
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 08:30:40.458043 2026] [security2:error] [pid 24425:tid 24425] [client 120.56.219.141:52640] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.219.141 (+1 hits since last alert)|kavahawaii.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kavahawaii.com"] [uri "/xmlrpc.php"] [unique_id "akpOcAJSiKTCv0-KUF3RNAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-05 12:28:42
(4 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 12:08:25
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 120.56.219.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 08:08:19.690590 2026] [security2:error] [pid 19621:tid 19621] [client 120.56.219.141:63932] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 120.56.219.141 (+1 hits since last alert)|pulleasy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pulleasy.com"] [uri "/xmlrpc.php"] [unique_id "akpJM_-Z7sdd1wfkqTHh4gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TAY
2026-07-05 09:43:27
(4 days ago)
120.56.219.141 - - [05/Jul/2026:17:43:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack/13 ...
show more
120.56.219.141 - - [05/Jul/2026:17:43:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack/13.0; WordPress/6.4; http://site80614310.com"
120.56.219.141 - - [05/Jul/2026:17:43:16 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)"
120.56.219.141 - - [05/Jul/2026:17:43:26 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5893 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
...
show less
Brute-Force
๐ฉ๐ช
stinpriza
2026-07-05 09:25:01
(4 days ago)
Web App Attack
Web App Attack