|
๐บ๐ธ
kosada.com
|
|
Web bot: denial-of-service flood
|
DDoS Attack
Bad Web Bot
|
|
|
๐ซ๐ท
masterguru
|
|
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
|
Hacking
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:50:29.579211 2026] [security2:error] [pid 1764:tid 1764] [client 203.147.139.45:16409] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 203.147.139.45 (+1 hits since last alert)|lspfest.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lspfest.com"] [uri "/xmlrpc.php"] [unique_id "akH5lWA90kbYx1ltiH_j5wAAAAY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Attac
|
Brute-Force
|
|
|
๐ซ๐ท
dynamix
|
|
WordPress XMLRPC Brute Force Attack
|
Brute-Force
Web App Attack
|
|
|
๐ณ๐ฑ
wlt-blocker
|
|
Unauthorized access to webpage admin
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:01:57.377914 2026] [security2:error] [pid 19072:tid 19072] [client 203.147.139.45:10644] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 203.147.139.45 (+1 hits since last alert)|solucionesmercadeodigital.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "solucionesmercadeodigital.com"] [uri "/xmlrpc.php"] [unique_id "akHEBXw_IvY0lOLv7wrRKAAAABQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ซ๐ท
dynamix
|
|
WordPress XMLRPC Brute Force Attack
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 03:55:17.411531 2026] [security2:error] [pid 24194:tid 24194] [client 203.147.139.45:15570] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 203.147.139.45 (+1 hits since last alert)|edmestonfd.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edmestonfd.com"] [uri "/xmlrpc.php"] [unique_id "ajjqZb_ILfWd3c8PdBTHCgAAABs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 22:37:44.608509 2026] [security2:error] [pid 695:tid 695] [client 203.147.139.45:12049] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 203.147.139.45 (+1 hits since last alert)|lumentravel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lumentravel.com"] [uri "/xmlrpc.php"] [unique_id "ajif-EGJiWq2Ie155opxNgAAAAA"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
[redacted] 203.147.139.45 - - [21/Jun/2026:11:23:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ...
show more
[redacted] 203.147.139.45 - - [21/Jun/2026:11:23:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site29194992.com"
[redacted] 203.147.139.45 - - [21/Jun/2026:11:23:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 203.147.139.45 - - [21/Jun/2026:11:23:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
[redacted] 203.147.139.45 - - [21/Jun/2026:11:24:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.4; http://site38217437.com"
[redacted] 203.147.139.45 - - [21/Jun/2026:11:24:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 203.147.139.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 23:42:45.585439 2026] [security2:error] [pid 10537:tid 10537] [client 203.147.139.45:12546] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 203.147.139.45 (+1 hits since last alert)|nomanszone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nomanszone.com"] [uri "/xmlrpc.php"] [unique_id "ajddtYgmJto69sVxfSDRdgAAAAY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
Marc
|
|
203.147.139.45 - - [30/May/2026:11:30:29 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3220 "-" "Jetpack by ...
show more
203.147.139.45 - - [30/May/2026:11:30:29 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3220 "-" "Jetpack by WordPress.com" 203.147.139.45 - - [30/May/2026:11:30:39 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3218 "-" "WordPress.com; https://wordpress.com" 203.147.139.45 - - [30/May/2026:11:30:50 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3220 "-" "Jetpack by WordPress.com"
show less
|
Brute-Force
Web App Attack
|
|
|
๐ฎ๐น
VHosting
|
|
Detected WordPress attack from 4 different servers
|
Brute-Force
Web App Attack
|
|