๐บ๐ธ
TPI-Abuse
2026-07-02 02:53:50
(1 hour ago)
(mod_security) mod_security (id:240335) triggered by 212.47.142.242 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 212.47.142.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 22:53:44.641908 2026] [security2:error] [pid 5120:tid 5120] [client 212.47.142.242:8726] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 212.47.142.242 (+1 hits since last alert)|jdsqrd.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jdsqrd.com"] [uri "/xmlrpc.php"] [unique_id "akXSuBwW8DEADdI7oYde5wAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
bsoft.de
2026-07-02 02:51:34
(1 hour ago)
212.47.142.242 - - [02/Jul/2026:04:51:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12. ...
show more
212.47.142.242 - - [02/Jul/2026:04:51:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site69134874.com"
212.47.142.242 - - [02/Jul/2026:04:51:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)"
212.47.142.242 - - [02/Jul/2026:04:51:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site94351671.com"
show less
Web App Attack
Anonymous
2026-07-01 19:04:10
(9 hours ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 18:36:01
(10 hours ago)
(mod_security) mod_security (id:240335) triggered by 212.47.142.242 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 212.47.142.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 14:35:54.950715 2026] [security2:error] [pid 19334:tid 19334] [client 212.47.142.242:8977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 212.47.142.242 (+1 hits since last alert)|aroilcontrolsystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aroilcontrolsystem.com"] [uri "/xmlrpc.php"] [unique_id "akVeCqRzDxg8kObVUy4c5gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
clapper
2026-07-01 15:32:45
(13 hours ago)
(mod_security) mod_security (id:350202) triggered by 212.47.142.242 (AZ/Azerbaijan/-): 5 in the last ...
show more
(mod_security) mod_security (id:350202) triggered by 212.47.142.242 (AZ/Azerbaijan/-): 5 in the last 600 secs; ID: rub
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-01 13:58:40
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 212.47.142.242 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 212.47.142.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:58:35.882257 2026] [security2:error] [pid 18905:tid 18912] [client 212.47.142.242:5915] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 212.47.142.242 (+1 hits since last alert)|dasperformance.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dasperformance.com"] [uri "/xmlrpc.php"] [unique_id "akUdC-aRJ7-zHI2DcuKf5wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-29 14:03:10
(2 days ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฌ๐ง
Oakley
2026-04-25 21:02:08
(2 months ago)
(confirmed_bot_sig) Confirmed bot
Hacking
๐ธ๐ฌ
Sean64
2023-06-09 04:44:11
(3 years ago)
Jun 9 12:42:23 sean postfix/smtpd[3866108]: NOQUEUE: reject: RCPT from unknown[212.47.142.242]: 554 ...
show more
Jun 9 12:42:23 sean postfix/smtpd[3866108]: NOQUEUE: reject: RCPT from unknown[212.47.142.242]: 554 5.7.1 <[email protected] >: Sender address rejected: Access denied; from=<[email protected] > to=<[email protected] > proto=ESMTP helo=<[212.47.142.242]>
Jun 9 12:43:00 sean postfix/smtpd[3866108]: NOQUEUE: reject: RCPT from unknown[212.47.142.242]: 554 5.7.1 <[email protected] >: Sender address rejected: Access denied; from=<[email protected] > to=<[email protected] > proto=ESMTP helo=<[212.47.142.242]>
Jun 9 12:44:10 sean postfix/smtpd[3866108]: NOQUEUE: reject: RCPT from unknown[212.47.142.242]: 554 5.7.1 <[email protected] >: Sender address rejected: Access denied; from=<[email protected] > to=<[email protected] > proto=ESMTP helo=<[212.47.142.242]>
...
show less
Email Spam
Brute-Force
Anonymous
2022-10-17 12:16:50
(3 years ago)
Oct 17 18:16:43 ns3104219 postfix/smtpd[3378]: NOQUEUE: reject: RCPT from unknown[212.47.142.242]: 4 ...
show more
Oct 17 18:16:43 ns3104219 postfix/smtpd[3378]: NOQUEUE: reject: RCPT from unknown[212.47.142.242]: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [212.47.142.242]; from=<[email protected] > to=<[email protected] > proto=ESMTP helo=<[212.47.142.242]>
...
show less
Email Spam
Web App Attack
๐บ๐ธ
VSM Networks
2021-06-30 16:46:58
(5 years ago)
Credential Stuffing
Brute-Force