๐ซ๐ฎ
YF
2026-07-07 23:00:17
(1 day ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-07 21:53:45
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 17:53:39.066068 2026] [security2:error] [pid 2071:tid 2071] [client 102.179.26.76:60442] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.26.76 (+1 hits since last alert)|baselinesc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "baselinesc.com"] [uri "/xmlrpc.php"] [unique_id "ak11Y1hjOyieaENfy6MLggAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 16:17:24
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 12:17:17.776753 2026] [security2:error] [pid 6710:tid 6710] [client 102.179.26.76:53453] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.26.76 (+1 hits since last alert)|furbabieslivesmatter.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "furbabieslivesmatter.com"] [uri "/xmlrpc.php"] [unique_id "ak0mjXIHdgf9jEhloDxQYgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 15:47:21
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 11:47:14.024744 2026] [security2:error] [pid 5804:tid 5804] [client 102.179.26.76:62733] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.26.76 (+1 hits since last alert)|fgrotary.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fgrotary.org"] [uri "/xmlrpc.php"] [unique_id "ak0fgn9BZ6H6VBJpV1_VUgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
LRob
2026-07-07 15:12:09
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack/12.5; Wor ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack/12.5; WordPress/6.3; http://site14726416.com","WordPress.com; https://wordpress.com","Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)
show less
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-07 15:11:55
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-06 19:34:57
(2 days ago)
(wordpress) Failed wordpress login from 102.179.26.76 (BF/Burkina Faso/-/-/-/[redacted])
Brute-Force
๐ฉ๐ช
konseptit
2026-07-05 21:54:16
(3 days ago)
(wordpress) Failed wordpress login from 102.179.26.76 (BF/Burkina Faso/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-05 20:27:43
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:27:39.318611 2026] [security2:error] [pid 5832:tid 5832] [client 102.179.26.76:50907] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.26.76 (+1 hits since last alert)|visionremota.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "visionremota.info"] [uri "/xmlrpc.php"] [unique_id "akq-O9rAqked__yaZrF6iQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-05 20:22:21
(3 days ago)
(wordpress) Failed wordpress login from 102.179.26.76 (BF/Burkina Faso/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-04 21:52:49
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 17:52:42.778500 2026] [security2:error] [pid 26649:tid 26649] [client 102.179.26.76:50705] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.26.76 (+1 hits since last alert)|thereisaplaceonearth.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thereisaplaceonearth.com"] [uri "/xmlrpc.php"] [unique_id "akmAqstP_dyAiowC_EXArgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-04 19:31:26
(4 days ago)
(wordpress) Failed wordpress login from 102.179.26.76 (BF/Burkina Faso/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-03 23:07:33
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:07:29.716533 2026] [security2:error] [pid 21839:tid 21869] [client 102.179.26.76:57030] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.26.76 (+1 hits since last alert)|tkfay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tkfay.com"] [uri "/xmlrpc.php"] [unique_id "akhAsTesT70n7iu9DpAaHAAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:37:04
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:37:00.021024 2026] [security2:error] [pid 19711:tid 19711] [client 102.179.26.76:51336] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.26.76 (+1 hits since last alert)|thehealthyplaceclayton.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thehealthyplaceclayton.com"] [uri "/xmlrpc.php"] [unique_id "akgrfAi8M1_mbTDPpS0e0gAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 03:06:54
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 102.179.26.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 23:06:48.180610 2026] [security2:error] [pid 13197:tid 13197] [client 102.179.26.76:62354] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.179.26.76 (+1 hits since last alert)|therealseska.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "therealseska.com"] [uri "/xmlrpc.php"] [unique_id "akcnSPTqe2f6K1Erv3E76QAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack