๐ฆ๐บ
screwlooseit.com.au
2026-07-04 11:42:11
(11 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
PK/Pakistan/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 07:03:17
(15 hours ago)
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:03:09.140862 2026] [security2:error] [pid 14215:tid 14215] [client 137.59.146.94:60208] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.59.146.94 (+1 hits since last alert)|kotelbarmitzvah.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kotelbarmitzvah.com"] [uri "/xmlrpc.php"] [unique_id "akiwLVR0ti4PLegAC9-qhgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-03 22:26:46
(1 day ago)
Brute-Force
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-02 22:26:40
(2 days ago)
Brute-Force
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-07-02 17:03:32
(2 days ago)
Probing websites for vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 10:34:28
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:34:24.425535 2026] [security2:error] [pid 16851:tid 16851] [client 137.59.146.94:60821] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.59.146.94 (+1 hits since last alert)|d-sinema.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d-sinema.com"] [uri "/xmlrpc.php"] [unique_id "akTtMKOMT0mYDhYIdvOx0AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 06:52:51
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:52:46.534801 2026] [security2:error] [pid 21225:tid 21225] [client 137.59.146.94:60634] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.59.146.94 (+1 hits since last alert)|wokedreamer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wokedreamer.com"] [uri "/xmlrpc.php"] [unique_id "akIWPklwDKqFso-fhUNYFAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
pscriptos
2026-06-28 17:05:16
(6 days ago)
{"ClientAddr":"137.59.146.94:60342","ClientHost":"137.59.146.94","ClientPort":"60342","ClientUsernam ...
show more
{"ClientAddr":"137.59.146.94:60342","ClientHost":"137.59.146.94","ClientPort":"60342","ClientUsername":"-","DownstreamContentSize":418,"DownstreamStatus":403,"Duration":694155356,"OriginContentSize":418,"OriginDuration":690007685,"OriginStatus":403,"Overhead":4147671,"RequestAddr":"www.cleveradmin.de","RequestContentSize":719,"RequestCount":1670570,"RequestHost":"www.cleveradmin.de","RequestMethod":"POST","RequestPath":"/xmlrpc.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"RouterName":"cleveradmin-www-websecure@file","ServiceAddr":"172.16.80.10:80","ServiceName":"cleveradmin-www@file","ServiceURL":"http://172.16.80.10:80","StartLocal":"2026-06-28T19:04:52.675063146+02:00","StartUTC":"2026-06-28T17:04:52.675063146Z","TLSCipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLSVersion":"1.2","entryPointName":"websecure","level":"info","msg":"","time":"2026-06-28T19:04:53+02:00"}
{"ClientAddr":"137.59.146.94:60342","ClientHost":"137.59.146.94","
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 04:48:33
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 00:48:25.644534 2026] [security2:error] [pid 23697:tid 23697] [client 137.59.146.94:60573] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.59.146.94 (+1 hits since last alert)|ucommsi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ucommsi.com"] [uri "/xmlrpc.php"] [unique_id "aj4EmYXmgkjGkIZ4DSG3kgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-06-25 16:10:19
(1 week ago)
(wordpress) Failed wordpress login from 137.59.146.94 (PK/Pakistan/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-25 10:20:48
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 06:20:43.200466 2026] [security2:error] [pid 10996:tid 10996] [client 137.59.146.94:59400] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.59.146.94 (+1 hits since last alert)|verdeprofundo.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "verdeprofundo.net"] [uri "/xmlrpc.php"] [unique_id "aj0A-_YljV9X75RHA32BVwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
oralunal
2026-06-25 04:36:22
(1 week ago)
IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds
...
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-06-24 08:01:35
(1 week ago)
Attaque distribuรฉe subnet
DDoS Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 06:01:45
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 02:01:37.135978 2026] [security2:error] [pid 5504:tid 5504] [client 137.59.146.94:61029] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.59.146.94 (+1 hits since last alert)|freemanfoundationcle.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "freemanfoundationcle.org"] [uri "/xmlrpc.php"] [unique_id "ajtywSA58bMACzBnW2QCDQAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 08:16:10
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 137.59.146.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 04:16:06.145642 2026] [security2:error] [pid 23848:tid 24002] [client 137.59.146.94:60657] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.59.146.94 (+1 hits since last alert)|northtexaslive.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "northtexaslive.com"] [uri "/xmlrpc.php"] [unique_id "ajpAxl2IDsqrf29m2cc_fQAAAhE"]
show less
Brute-Force
Bad Web Bot
Web App Attack