๐บ๐ธ
TPI-Abuse
2026-07-16 20:35:18
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:35:11.775239 2026] [security2:error] [pid 12125:tid 12146] [client 102.209.111.134:64582] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.209.111.134 (+1 hits since last alert)|illianapartyrentals.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "illianapartyrentals.com"] [uri "/xmlrpc.php"] [unique_id "allAf4NWZ5-DA-LtT04rogAAAFM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-16 20:30:52
(1 day ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-16 20:06:38
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:06:34.277752 2026] [security2:error] [pid 28038:tid 28038] [client 102.209.111.134:64606] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.209.111.134 (+1 hits since last alert)|hodlmoser.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hodlmoser.com"] [uri "/xmlrpc.php"] [unique_id "alk5ynuG1E1C1Du1WTFB_AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-06 15:29:09
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฉ๐ช
big-cloud.nl
2026-04-04 22:00:12
(3 months ago)
Try to access /xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 21:39:21
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 17:39:16.313453 2026] [security2:error] [pid 8472:tid 8472] [client 102.209.111.134:20947] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||36sovereignchambers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "36sovereignchambers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adGFBHRtyiMBRHjSjbjrzQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 20:30:19
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 16:29:57.045496 2026] [security2:error] [pid 30112:tid 30112] [client 102.209.111.134:60543] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||altoshp.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "altoshp.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adF0xXwoIJiu_lUhi0YmfgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-04-03 22:00:16
(3 months ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
-
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-04-03 21:44:04
(3 months ago)
Probing websites for vulnerabilities
Web App Attack
๐ฉ๐ช
Marc
2026-04-02 03:57:29
(3 months ago)
Brute-Force
Web App Attack
๐บ๐ธ
myagent.site
2026-04-01 23:58:05
(3 months ago)
Blocking for trying to access an exploit file: /xmlrpc.php
Hacking
๐บ๐ธ
TPI-Abuse
2026-04-01 22:21:57
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 102.209.111.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 18:21:52.362731 2026] [security2:error] [pid 7482:tid 7482] [client 102.209.111.134:60504] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aquanauticsige.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aquanauticsige.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ac2agKlfiPU984Kyz03WYAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
SMARTNET
2025-11-30 18:38:00
(7 months ago)
Aisuru(Mirai variant) DDoS
DDoS Attack
Anonymous
2025-11-08 10:14:37
(8 months ago)
Web app attack and vulnerability scan detected from IIS logs
Brute-Force
Bad Web Bot
Web App Attack