๐บ๐ธ
TPI-Abuse
2026-07-09 22:41:40
(13 hours ago)
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 18:41:33.595711 2026] [security2:error] [pid 32750:tid 32750] [client 102.179.10.224:63091] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.10.224 (+1 hits since last alert)|stantontownship.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stantontownship.org"] [uri "/xmlrpc.php"] [unique_id "alAjnXMP-_BRMG8zDkR2ygAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-09 21:06:13
(14 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 15:07:24
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:07:16.294141 2026] [security2:error] [pid 24694:tid 24694] [client 102.179.10.224:56413] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.10.224 (+1 hits since last alert)|bergopro.co.uk|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bergopro.co.uk"] [uri "/xmlrpc.php"] [unique_id "ak-5JMyK3AsjnoI4yJJRDAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-09 15:03:39
(20 hours ago)
(wordpress) Failed wordpress login from 102.179.10.224 (BF/Burkina Faso/-)
Brute-Force
๐ฉ๐ช
konseptit
2026-07-08 18:05:30
(1 day ago)
(wordpress) Failed wordpress login from 102.179.10.224 (BF/Burkina Faso/-)
Brute-Force
Anonymous
2026-07-08 17:35:21
(1 day ago)
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/we ...
show more
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.weihnachtsbasar-athen.gr; logs=/var/log/httpd/domains/weihnachtsbasar-athen.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ซ๐ท
bazter.pro
2026-07-06 07:36:03
(4 days ago)
Fail2Ban: plesk-bot-aggressive - 15 failures
Port Scan
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-05 21:12:16
(4 days ago)
[SunJul0523:12:11.6122742026][security2:error][pid3327000:tid3327120][client102.179.10.224:0]ModSecu ...
show more
[SunJul0523:12:11.6122742026][security2:error][pid3327000:tid3327120][client102.179.10.224:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"manuclean.ch\"][uri\"/xmlrpc.php\"][unique_id\"akrIq9uSvfWd02OMzWjNuwAAARE\"]
show less
Port Scan
Brute-Force
Web App Attack
Anonymous
2026-07-04 19:59:03
(5 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 13:37:49
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 09:37:43.303481 2026] [security2:error] [pid 32747:tid 32747] [client 102.179.10.224:49468] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.10.224 (+1 hits since last alert)|glassclublake.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "glassclublake.com"] [uri "/xmlrpc.php"] [unique_id "ake7J7ruIgl9ryDhmcfyaAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 12:18:17
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:18:09.993268 2026] [security2:error] [pid 14503:tid 14503] [client 102.179.10.224:57210] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.10.224 (+1 hits since last alert)|goseethenurse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goseethenurse.com"] [uri "/xmlrpc.php"] [unique_id "akeogefZs1PtLI-WHU9IegAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Marc
2026-07-02 11:06:59
(1 week ago)
102.179.10.224 - - [02/Jul/2026:13:06:37 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3718 "-" "Jetpack/13 ...
show more
102.179.10.224 - - [02/Jul/2026:13:06:37 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3718 "-" "Jetpack/13.0; WordPress/6.1; http://site50972143.com" 102.179.10.224 - - [02/Jul/2026:13:06:46 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3719 "-" "WordPress.com; https://wordpress.com" 102.179.10.224 - - [02/Jul/2026:13:06:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3718 "-" "Jetpack/13.0; WordPress/6.1; http://site94451753.com"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 23:21:25
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.10.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 19:21:17.621671 2026] [security2:error] [pid 11508:tid 11508] [client 102.179.10.224:57519] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.10.224 (+1 hits since last alert)|usaangelinvestors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "usaangelinvestors.com"] [uri "/xmlrpc.php"] [unique_id "akWg7SLexs16yGlh7TEuvAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-01 22:51:04
(1 week ago)
(wordpress) Failed wordpress login from 102.179.10.224 (BF/Burkina Faso/-)
Brute-Force
๐ฉ๐ช
rh24
2026-07-01 17:04:33
(1 week ago)
(wordpress) Failed wordpress login from 102.179.10.224 (BF/Burkina Faso/-): (CF_ENABLE)
Brute-Force