๐บ๐ธ
TPI-Abuse
2026-07-14 17:45:19
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 13:45:11.576540 2026] [security2:error] [pid 19429:tid 19429] [client 39.48.46.47:64408] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.48.46.47 (+1 hits since last alert)|rentkase.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rentkase.com"] [uri "/xmlrpc.php"] [unique_id "alZ1p1eENuUHolMEa4oSHAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 16:15:59
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 12:15:51.227865 2026] [security2:error] [pid 28939:tid 28939] [client 39.48.46.47:56153] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.48.46.47 (+1 hits since last alert)|spacebooger.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "spacebooger.com"] [uri "/xmlrpc.php"] [unique_id "alZgt1pPi3fu30eE4sPA1gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-14 15:41:11
(1 day ago)
Wordpress Vunerability attack
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-07-14 12:55:36
(1 day ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-14 11:12:35
(1 day ago)
39.48.46.47 - - [14/Jul/2026:07:10:57 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com ...
show more
39.48.46.47 - - [14/Jul/2026:07:10:57 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
39.48.46.47 - - [14/Jul/2026:07:11:19 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
39.48.46.47 - - [14/Jul/2026:07:11:30 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
39.48.46.47 - - [14/Jul/2026:07:12:24 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
39.48.46.47 - - [14/Jul/2026:07:12:34 -0400] "POST /xmlrpc.php HTTP/1.1" 200 5129 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 08:14:32
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 04:14:28.443616 2026] [security2:error] [pid 30828:tid 30828] [client 39.48.46.47:63248] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.48.46.47 (+1 hits since last alert)|insidemilb.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "insidemilb.com"] [uri "/xmlrpc.php"] [unique_id "alXv5OvkWUlhA9O4ohtO3gAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-14 08:08:09
(1 day ago)
39.48.46.47 - - [14/Jul/2026:13:
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-13 10:50:06
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 06:49:58.445258 2026] [security2:error] [pid 17802:tid 17802] [client 39.48.46.47:63652] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.48.46.47 (+1 hits since last alert)|desarrollosdecolima.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desarrollosdecolima.com"] [uri "/xmlrpc.php"] [unique_id "alTC1joK24yypfBbqk3zAQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 07:44:19
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 39.48.46.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 03:44:13.260678 2026] [security2:error] [pid 18920:tid 18937] [client 39.48.46.47:58979] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.48.46.47 (+1 hits since last alert)|bortec-corp.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bortec-corp.com"] [uri "/xmlrpc.php"] [unique_id "alSXTZ-Dl7ZDhg0NSZ7AwAAAAFA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-07-12 16:49:39
(3 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; ht ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; https://wordpress.com","Jetpack/13.0; WordPress/6.2; http://site15932982.com","Jetpack/13.0; WordPress/6.3; http://site99806607.com",
show less
Brute-Force
Web App Attack
Anonymous
2026-07-11 18:12:49
(4 days ago)
[redacted] 39.48.46.47 - - [11/Jul/2026:20:11:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jet ...
show more
[redacted] 39.48.46.47 - - [11/Jul/2026:20:11:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 39.48.46.47 - - [11/Jul/2026:20:11:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)"
[redacted] 39.48.46.47 - - [11/Jul/2026:20:12:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 39.48.46.47 - - [11/Jul/2026:20:12:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
[redacted] 39.48.46.47 - - [11/Jul/2026:20:12:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
...
show less
Hacking
Web App Attack
๐ง๐ช
Fanjoe
2026-07-11 18:11:41
(4 days ago)
Jul 11 20:11:12 raspberrypi wordpress\(fanjoe.be\)\[427\]: XML-RPC authentication failure for fanjoe ...
show more
Jul 11 20:11:12 raspberrypi wordpress\(fanjoe.be\)\[427\]: XML-RPC authentication failure for fanjoe from 39.48.46.47\
Jul 11 20:11:20 raspberrypi wordpress\(fanjoe.be\)\[25369\]: XML-RPC authentication failure for fanjoe from 39.48.46.47\
Jul 11 20:11:31 raspberrypi wordpress\(fanjoe.be\)\[25367\]: XML-RPC authentication failure for fanjoe from 39.48.46.47\
show less
Brute-Force
Web App Attack