πΊπΈ
TPI-Abuse
2026-07-14 21:07:52
(18 hours ago)
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 17:07:46.989934 2026] [security2:error] [pid 26406:tid 26406] [client 102.219.24.200:50228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.24.200 (+1 hits since last alert)|ohanameetup.party|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ohanameetup.party"] [uri "/xmlrpc.php"] [unique_id "alalIsbJZTtbGqq6TD07hgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 15:25:06
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:24:57.330833 2026] [security2:error] [pid 22152:tid 22152] [client 102.219.24.200:12325] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.24.200 (+1 hits since last alert)|magacine.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "magacine.tv"] [uri "/xmlrpc.php"] [unique_id "alZUydtjsku2u4Jyl_QOuAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
masterguru
2026-07-13 19:24:08
(1 day ago)
(xmlrpc) Failed xmlrpc access from 102.219.24.200 (ZA/South Africa/102-219-24-200.vox.co.za): 5 in t ...
show more
(xmlrpc) Failed xmlrpc access from 102.219.24.200 (ZA/South Africa/102-219-24-200.vox.co.za): 5 in the last 3600 secs (0-122)
show less
Hacking
πΊπΈ
WeekendWeb
2026-07-13 18:18:41
(1 day ago)
Wordpress Vunerability attack
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-11 23:06:32
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 19:06:25.608871 2026] [security2:error] [pid 21879:tid 21879] [client 102.219.24.200:47767] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.24.200 (+1 hits since last alert)|helloauto.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "helloauto.net"] [uri "/xmlrpc.php"] [unique_id "alLMcRyHx786K5RjX5EEjwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-11 11:23:51
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 07:23:44.942764 2026] [security2:error] [pid 6523:tid 6523] [client 102.219.24.200:10311] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.24.200 (+1 hits since last alert)|speedgo.mx|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "speedgo.mx"] [uri "/xmlrpc.php"] [unique_id "alInwEJoRwtCwVDu7F_gmwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
ghostwarriors
2026-07-11 11:20:56
(4 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-11 11:18:57
(4 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
πΊπΈ
integrantservices.com
2026-07-07 09:01:03
(1 week ago)
(wordpress) Failed wordpress login from 102.219.24.200 (102-219-24-200.vox.co.za)
Brute-Force
π©πͺ
stinpriza
2026-07-07 07:11:21
(1 week ago)
Web App Attack
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 08:39:51
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:39:43.020794 2026] [security2:error] [pid 12130:tid 12130] [client 102.219.24.200:5078] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.24.200 (+1 hits since last alert)|talentstar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "talentstar.com"] [uri "/xmlrpc.php"] [unique_id "aktpz-qGYZg3SDQDa7C9igAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
n2nguyenn2nguyen
2026-07-04 22:32:26
(1 week ago)
Blocked by YFC Security on https://brixzly.com β type: xmlrpc_attempts
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 17:35:06
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 13:35:00.762532 2026] [security2:error] [pid 12394:tid 12394] [client 102.219.24.200:44307] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.24.200 (+1 hits since last alert)|tttns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tttns.com"] [uri "/xmlrpc.php"] [unique_id "aklERBFFmkWF9bQlO38JDAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
SpaceHost-Server
2026-07-03 22:25:07
(1 week ago)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 20:24:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:24:53.546337 2026] [security2:error] [pid 3495:tid 3495] [client 102.219.24.200:45758] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.24.200 (+1 hits since last alert)|nordicbuilders.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nordicbuilders.net"] [uri "/xmlrpc.php"] [unique_id "akgalQAk9lf0QEEBaDXeEgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack