Anonymous
2026-07-10 00:32:29
(33 minutes ago)
[redacted] 197.45.81.43 - - [10/Jul/2026:02:31:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ...
show more
[redacted] 197.45.81.43 - - [10/Jul/2026:02:31:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 197.45.81.43 - - [10/Jul/2026:02:31:56 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 197.45.81.43 - - [10/Jul/2026:02:32:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.4; http://site58528048.com"
[redacted] 197.45.81.43 - - [10/Jul/2026:02:32:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
[redacted] 197.45.81.43 - - [10/Jul/2026:02:32:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 15:42:29
(9 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:42:25.454173 2026] [security2:error] [pid 29754:tid 29754] [client 197.45.81.43:57249] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.45.81.43 (+1 hits since last alert)|agrollum.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "agrollum.com"] [uri "/xmlrpc.php"] [unique_id "ak_BYWQDSBGJRwUa_xjn0wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 15:12:22
(9 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:12:15.734115 2026] [security2:error] [pid 14505:tid 14509] [client 197.45.81.43:60589] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.45.81.43 (+1 hits since last alert)|giere.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "giere.us"] [uri "/xmlrpc.php"] [unique_id "ak-6T-Y2EFJn7W8l71gZrgAAAIA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 04:39:22
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:39:18.845067 2026] [security2:error] [pid 22952:tid 22952] [client 197.45.81.43:60346] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.45.81.43 (+1 hits since last alert)|goldcountrygermanamericanclub.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goldcountrygermanamericanclub.org"] [uri "/xmlrpc.php"] [unique_id "ak8l9gRj4IcntsEJnj6YiAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-09 04:35:26
(20 hours ago)
(xmlrpc_405) XMLRPC-Bot 405 197.45.81.43 (EG/Egypt/-)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 01:10:43
(23 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:10:39.795798 2026] [security2:error] [pid 572:tid 572] [client 197.45.81.43:64434] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.45.81.43 (+1 hits since last alert)|robotsinme.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "robotsinme.org"] [uri "/xmlrpc.php"] [unique_id "ak71D4paqdyuVxal2lfg6wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 23:40:00
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 19:39:51.922279 2026] [security2:error] [pid 125317:tid 125317] [client 197.45.81.43:58711] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.45.81.43 (+1 hits since last alert)|smilingorc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "smilingorc.com"] [uri "/xmlrpc.php"] [unique_id "ak7fxyKG6n8RUcTVDUqXegAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 22:39:04
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 197.45.81.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 18:38:56.547848 2026] [security2:error] [pid 31994:tid 31994] [client 197.45.81.43:49449] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.45.81.43 (+1 hits since last alert)|phalanxemail.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "phalanxemail.net"] [uri "/xmlrpc.php"] [unique_id "ak7RgMhrrXfR9OKeF1D_DwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-08 22:25:13
(1 day ago)
Web App Attack