|
Anonymous
|
|
Attac
|
Brute-Force
|
|
|
๐บ๐ธ
WeekendWeb
|
|
Wordpress Vunerability attack
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 10:17:44.158082 2026] [security2:error] [pid 2246:tid 2246] [client 197.39.68.169:62069] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.39.68.169 (+1 hits since last alert)|medusakenya.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "medusakenya.com"] [uri "/xmlrpc.php"] [unique_id "ajfyiBzrd_9R8YXiLRkwjgAAACI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 09:16:27.342242 2026] [security2:error] [pid 6378:tid 6402] [client 197.39.68.169:59013] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.39.68.169 (+1 hits since last alert)|tnccivic.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tnccivic.org"] [uri "/xmlrpc.php"] [unique_id "ajfkK7pvLc_QXisvxfWloAAAAVQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ซ๐ท
SpaceHost-Server
|
|
197.39.68.169 - - [21/Jun/2026:12:11:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Jetpack by ...
show more
197.39.68.169 - - [21/Jun/2026:12:11:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Jetpack by WordPress.com"
197.39.68.169 - - [21/Jun/2026:12:11:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "Jetpack/12.1; WordPress/6.4; http://site92233418.com"
197.39.68.169 - - [21/Jun/2026:12:11:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6398 "-" "WordPress.com; https://wordpress.com"
show less
|
Hacking
Web App Attack
|
|
|
๐ซ๐ท
SpaceHost-Server
|
|
197.39.68.169 - - [21/Jun/2026:11:56:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack/12. ...
show more
197.39.68.169 - - [21/Jun/2026:11:56:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack/12.5; WordPress/6.4; http://site50212357.com"
197.39.68.169 - - [21/Jun/2026:11:56:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com"
197.39.68.169 - - [21/Jun/2026:11:56:30 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.com; https://wordpress.com"
show less
|
Hacking
Web App Attack
|
|
|
๐ซ๐ท
SpaceHost-Server
|
|
197.39.68.169 - - [21/Jun/2026:11:40:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by ...
show more
197.39.68.169 - - [21/Jun/2026:11:40:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
197.39.68.169 - - [21/Jun/2026:11:40:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.com; https://wordpress.com"
197.39.68.169 - - [21/Jun/2026:11:41:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com"
show less
|
Hacking
Web App Attack
|
|
|
๐ช๐ธ
alferez
|
|
xmlrpc.php attack DOS
|
Hacking
Exploited Host
Web App Attack
|
|
|
Anonymous
|
|
197.39.68.169 - - [21/Jun/2026:00:00:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by W ...
show more
197.39.68.169 - - [21/Jun/2026:00:00:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
197.39.68.169 - - [21/Jun/2026:00:00:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com"
197.39.68.169 - - [21/Jun/2026:00:00:16 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com"
197.39.68.169 - - [21/Jun/2026:00:00:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com"
197.39.68.169 - - [21/Jun/2026:00:00:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
...
show less
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 16:03:56.443040 2026] [security2:error] [pid 28626:tid 28626] [client 197.39.68.169:62786] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.39.68.169 (+1 hits since last alert)|investorsfundingusa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "investorsfundingusa.com"] [uri "/xmlrpc.php"] [unique_id "ajbyLA0ohKAqE3aOM6HGKAAAAAQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 14:21:13.579816 2026] [security2:error] [pid 18247:tid 18261] [client 197.39.68.169:58398] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||campingcosmetics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "campingcosmetics.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajbaGUQ4C9cU-H-GNahfLwAAAQw"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 10:51:00.967107 2026] [security2:error] [pid 13599:tid 13599] [client 197.39.68.169:54496] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.39.68.169 (+1 hits since last alert)|thewhispertwins.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thewhispertwins.com"] [uri "/xmlrpc.php"] [unique_id "ajao1O01n0ld51fM5eUFzQAAAAQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Trying to access config files
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.39.68.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:39:27.418595 2026] [security2:error] [pid 7655:tid 7655] [client 197.39.68.169:50198] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.39.68.169 (+1 hits since last alert)|instalatoribucuresti.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "instalatoribucuresti.com"] [uri "/xmlrpc.php"] [unique_id "ajZRv4vs646ef-RlW3994QAAABc"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
rh24
|
|
(wordpress) Failed wordpress login from 197.39.68.169 (EG/Egypt/-): (CF_ENABLE)
|
Brute-Force
|
|