๐บ๐ธ
TPI-Abuse
2026-07-12 08:59:04
(10 hours ago)
(mod_security) mod_security (id:240335) triggered by 37.231.216.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 37.231.216.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 04:58:59.009628 2026] [security2:error] [pid 13352:tid 13352] [client 37.231.216.142:43802] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.231.216.142 (+1 hits since last alert)|fishleadership.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fishleadership.org"] [uri "/xmlrpc.php"] [unique_id "alNXU9PRFbVfb-Xpz7PlxAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 07:14:00
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 37.231.216.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 37.231.216.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 03:13:55.325067 2026] [security2:error] [pid 21365:tid 21365] [client 37.231.216.142:45658] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.231.216.142 (+1 hits since last alert)|cmcnow.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cmcnow.com"] [uri "/xmlrpc.php"] [unique_id "alM-s6-OZxMzk19aDoSP-QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Dolphi
2026-07-12 06:40:07
(13 hours ago)
Excessive POST /xmlrpc.php requests
Brute-Force
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-12 06:21:24
(13 hours ago)
37.231.216.142 - - [12/Jul/2026:
...
Brute-Force
Anonymous
2026-07-12 06:21:18
(13 hours ago)
[redacted] 37.231.216.142 - - [12/Jul/2026:08:20:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ...
show more
[redacted] 37.231.216.142 - - [12/Jul/2026:08:20:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.2; http://site20226289.com"
[redacted] 37.231.216.142 - - [12/Jul/2026:08:20:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 37.231.216.142 - - [12/Jul/2026:08:20:56 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site74774823.com"
[redacted] 37.231.216.142 - - [12/Jul/2026:08:21:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 37.231.216.142 - - [12/Jul/2026:08:21:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 02:00:52
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 37.231.216.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 37.231.216.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 22:00:46.179769 2026] [security2:error] [pid 8186:tid 8186] [client 37.231.216.142:39621] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.231.216.142 (+1 hits since last alert)|prayers4america.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "prayers4america.com"] [uri "/xmlrpc.php"] [unique_id "alL1TmEY02hKNXi4xxBabwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-07-12 01:57:38
(17 hours ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 13:35:47
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 37.231.216.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 37.231.216.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 09:35:43.137527 2026] [security2:error] [pid 31558:tid 31558] [client 37.231.216.142:49565] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.231.216.142 (+1 hits since last alert)|wwfstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wwfstudio.com"] [uri "/xmlrpc.php"] [unique_id "alJGr8SACoYIKFH4z8f8xgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-01 20:02:34
(1 year ago)
Ports: 25,465,587; Direction: 0; Trigger: LF_DISTATTACK
Brute-Force
SSH