๐ณ๐ฑ
Site.eu
2026-07-15 14:18:25
(5 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-15 08:12:04
(11 hours ago)
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 04:11:57.963642 2026] [security2:error] [pid 8800:tid 8805] [client 102.219.209.18:51848] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.209.18 (+1 hits since last alert)|eceinal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eceinal.com"] [uri "/xmlrpc.php"] [unique_id "aldAzWPDy7-DVIJz8zGaCgAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-15 06:32:33
(13 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 03:11:53
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 23:11:48.339311 2026] [security2:error] [pid 28156:tid 28156] [client 102.219.209.18:56838] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.209.18 (+1 hits since last alert)|kathydumesnilart.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kathydumesnilart.com"] [uri "/xmlrpc.php"] [unique_id "alb6dO1EhE0tOxpd2GR8eQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-14 16:22:18
(1 day ago)
(wordpress) Failed wordpress login from 102.219.209.18 (KE/Kenya/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-14 12:04:14
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 08:04:10.405504 2026] [security2:error] [pid 19320:tid 19320] [client 102.219.209.18:2381] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.209.18 (+1 hits since last alert)|suswastima.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "suswastima.com"] [uri "/xmlrpc.php"] [unique_id "alYluqIrrmGD8xm-mRae9gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-14 09:34:43
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-14 09:02:40
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 05:02:33.561542 2026] [security2:error] [pid 21649:tid 21649] [client 102.219.209.18:54873] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.209.18 (+1 hits since last alert)|desertalfas.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desertalfas.org"] [uri "/xmlrpc.php"] [unique_id "alX7KfdCg4dk2HGjDiQqFQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ipoac.nl
2026-07-14 06:39:20
(1 day ago)
2026-07-14T08:39:19.608327+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 102 ...
show more
2026-07-14T08:39:19.608327+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication failure for-from 102.219.209.18
show less
Web App Attack
๐ช๐ธ
masterguru
2026-07-13 18:52:03
(2 days ago)
(xmlrpc) Failed xmlrpc access from 102.219.209.18 (KE/Kenya/-): 5 in the last 3600 secs (0-122)
Hacking
๐ซ๐ท
SpaceHost-Server
2026-07-12 22:25:05
(2 days ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 17:46:29
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 13:46:25.520667 2026] [security2:error] [pid 14866:tid 14951] [client 102.219.209.18:65175] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.209.18 (+1 hits since last alert)|planmytrust.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "planmytrust.com"] [uri "/xmlrpc.php"] [unique_id "alPS8dmO75NaMxFvnVn2xAAAAM0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-12 17:41:03
(3 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ช๐ธ
masterguru
2026-07-12 17:40:13
(3 days ago)
(xmlrpc) Failed xmlrpc access from 102.219.209.18 (KE/Kenya/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-12 14:14:11
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.209.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 10:14:06.886745 2026] [security2:error] [pid 10718:tid 10718] [client 102.219.209.18:65418] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.209.18 (+1 hits since last alert)|feiz.church|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "feiz.church"] [uri "/xmlrpc.php"] [unique_id "alOhLl0Gu3LxHLRYOpotGgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack