|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 06:46:18.093136 2026] [security2:error] [pid 1435:tid 1435] [client 103.225.58.6:64635] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.225.58.6 (+1 hits since last alert)|apuntesdeinversion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apuntesdeinversion.com"] [uri "/xmlrpc.php"] [unique_id "ai_X-skxwrDU4DD8M6Pa7gAAABQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ณ๐ฑ
Site.eu
|
|
Repeated wp-login/xmlrpc attempts
|
Brute-Force
SSH
|
|
|
๐ฉ๐ช
Marc
|
|
103.225.58.6 - - [13/Jun/2026:10:13:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3296 "-" "Jetpack/12.5 ...
show more
103.225.58.6 - - [13/Jun/2026:10:13:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3296 "-" "Jetpack/12.5; WordPress/6.2; http://site24429286.com" 103.225.58.6 - - [13/Jun/2026:10:13:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "Jetpack/12.1; WordPress/6.1; http://site21273254.com" 103.225.58.6 - - [13/Jun/2026:10:13:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3294 "-" "Jetpack by WordPress.com"
show less
|
Brute-Force
Web App Attack
|
|
|
๐ฉ๐ช
ger-stg-sifi1
|
|
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
|
Web App Attack
|
|
|
๐ซ๐ท
dynamix
|
|
WordPress XMLRPC Brute Force Attack
|
Brute-Force
Web App Attack
|
|
|
๐ณ๐ฑ
Site.eu
|
|
Repeated wp-login/xmlrpc attempts
|
Brute-Force
SSH
|
|
|
๐ฆ๐บ
LiftUp Hosting
|
|
Honeypot hit: SMB traffic on port 445
|
Hacking
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 07:13:36.265976 2026] [security2:error] [pid 16302:tid 16302] [client 103.225.58.6:54412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.225.58.6 (+1 hits since last alert)|sizefinder.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sizefinder.com"] [uri "/xmlrpc.php"] [unique_id "aivp4MSmUb2vOZ2xCsWUXwAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 06:33:25.140446 2026] [security2:error] [pid 24159:tid 24159] [client 103.225.58.6:52638] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.225.58.6 (+1 hits since last alert)|gaeltv.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gaeltv.com"] [uri "/xmlrpc.php"] [unique_id "aivgdZnPemsL9ivdwEUXnAAAAA8"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Attac
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 12:19:18.124193 2026] [security2:error] [pid 826:tid 826] [client 103.225.58.6:54883] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.225.58.6 (+1 hits since last alert)|cloudex.link|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cloudex.link"] [uri "/xmlrpc.php"] [unique_id "airgBj5c2bRamq0794A-2gAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
[redacted] 103.225.58.6 - - [11/Jun/2026:12:10:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ...
show more
[redacted] 103.225.58.6 - - [11/Jun/2026:12:10:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)"
[redacted] 103.225.58.6 - - [11/Jun/2026:12:10:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 103.225.58.6 - - [11/Jun/2026:12:10:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
[redacted] 103.225.58.6 - - [11/Jun/2026:12:11:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.4; http://site66051390.com"
[redacted] 103.225.58.6 - - [11/Jun/2026:12:11:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site29786704.com"
...
show less
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 05:18:37.479123 2026] [security2:error] [pid 27685:tid 27685] [client 103.225.58.6:58339] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.225.58.6 (+1 hits since last alert)|churchbehindthewalls.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "churchbehindthewalls.com"] [uri "/xmlrpc.php"] [unique_id "aip9bbgvlwrpjv0xkgsu3wAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฆ๐น
urnilxfgbez
|
|
Last 24 Hours suspicious: (DPT=445|DPT=3389|DPT=22|DPT=3306|DPT=8080|DPT=23|DPT=5900|DPT=1433)
|
Port Scan
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 103.225.58.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 03:57:25.662390 2026] [security2:error] [pid 7466:tid 7466] [client 103.225.58.6:52262] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.225.58.6 (+1 hits since last alert)|kmelson.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kmelson.com"] [uri "/xmlrpc.php"] [unique_id "aikY5ZJclRk5nOyFnv0EAAAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|