๐บ๐ธ
TPI-Abuse
2026-06-29 22:30:14
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 139.64.20.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 139.64.20.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 18:30:07.555666 2026] [security2:error] [pid 28685:tid 28685] [client 139.64.20.243:62845] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.64.20.243 (+1 hits since last alert)|georgesmarina.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "georgesmarina.com"] [uri "/xmlrpc.php"] [unique_id "akLx7yHNIqqe5YgNiIokNwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-29 16:27:34
(1 day ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 12:07:42
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 139.64.20.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 139.64.20.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 08:07:34.743227 2026] [security2:error] [pid 11339:tid 11339] [client 139.64.20.243:61748] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.64.20.243 (+1 hits since last alert)|kobraagencies.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kobraagencies.com"] [uri "/xmlrpc.php"] [unique_id "akJgBs4Zpp8qWnp0SlU2OgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 20:55:10
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 139.64.20.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 139.64.20.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:55:07.601656 2026] [security2:error] [pid 22866:tid 22889] [client 139.64.20.243:50379] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.64.20.243 (+1 hits since last alert)|reghay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "reghay.com"] [uri "/xmlrpc.php"] [unique_id "akGKKy_tD38yA8HidGOIagAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 12:09:56
(2 days ago)
[redacted] 139.64.20.243 - - [28/Jun/2026:14:09:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 139.64.20.243 - - [28/Jun/2026:14:09:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 139.64.20.243 - - [28/Jun/2026:14:09:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 139.64.20.243 - - [28/Jun/2026:14:09:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 139.64.20.243 - - [28/Jun/2026:14:09:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 139.64.20.243 - - [28/Jun/2026:14:09:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 03:49:49
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 139.64.20.243 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 139.64.20.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 23:49:44.589044 2026] [security2:error] [pid 2812:tid 2816] [client 139.64.20.243:56865] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.64.20.243 (+1 hits since last alert)|darkestmoonart.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "darkestmoonart.com"] [uri "/xmlrpc.php"] [unique_id "akCZ2BwZ2pfTm2_6bwRQ-wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-27 19:03:39
(3 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐จ๐ญ
Mario Bretscher
2026-06-27 19:02:56
(3 days ago)
Jun 27 21:02:44 beat-band.ch Cerber(beat-band.ch)[346456]: Authentication failure for beat-band from ...
show more
Jun 27 21:02:44 beat-band.ch Cerber(beat-band.ch)[346456]: Authentication failure for beat-band from 139.64.20.243
Jun 27 21:02:55 beat-band.ch Cerber(beat-band.ch)[343540]: Authentication failure for beat-band from 139.64.20.243
...
show less
Web Spam
Anonymous
2026-06-27 17:20:41
(3 days ago)
[redacted] 139.64.20.243 - - [27/Jun/2026:19:19:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 139.64.20.243 - - [27/Jun/2026:19:19:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 139.64.20.243 - - [27/Jun/2026:19:19:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
[redacted] 139.64.20.243 - - [27/Jun/2026:19:20:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 139.64.20.243 - - [27/Jun/2026:19:20:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 139.64.20.243 - - [27/Jun/2026:19:20:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-06-27 08:39:10
(3 days ago)
Attac
Brute-Force