๐บ๐ธ
TPI-Abuse
2026-07-04 12:00:27
(10 hours ago)
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co. ...
show more
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co.zm): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 08:00:21.369360 2026] [security2:error] [pid 30967:tid 30967] [client 102.220.158.203:22475] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.220.158.203 (+1 hits since last alert)|fatbastardcompetition.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fatbastardcompetition.com"] [uri "/xmlrpc.php"] [unique_id "akj11clK5ZeJbcMV76LoQAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-04 07:41:56
(15 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ช๐ธ
masterguru
2026-07-04 07:14:37
(15 hours ago)
(xmlrpc) Failed xmlrpc access from 102.220.158.203 (ZM/Zambia/102-220-158-203.simbafiber.co.zm): 5 i ...
show more
(xmlrpc) Failed xmlrpc access from 102.220.158.203 (ZM/Zambia/102-220-158-203.simbafiber.co.zm): 5 in the last 3600 secs (0-122)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-03 12:52:29
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co. ...
show more
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co.zm): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:52:22.063793 2026] [security2:error] [pid 32248:tid 32248] [client 102.220.158.203:22485] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.220.158.203 (+1 hits since last alert)|wholesalelivelobsters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wholesalelivelobsters.com"] [uri "/xmlrpc.php"] [unique_id "akewhhM7obarwKCv8lzphwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 12:21:10
(1 day ago)
Attac
Brute-Force
Anonymous
2026-07-01 14:23:19
(3 days ago)
[server.techsupportltd.gr] legacy-local-block: samples=imported from ipset host_guard4 at 2026-07-01 ...
show more
[server.techsupportltd.gr] legacy-local-block: samples=imported from ipset host_guard4 at 2026-07-01T14:23:19+00:00
show less
Hacking
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-01 10:20:54
(3 days ago)
(wordpress) Failed wordpress login from 102.220.158.203 (ZM/Zambia/102-220-158-203.simbafiber.co.zm)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 09:21:05
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co. ...
show more
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co.zm): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 05:20:58.916316 2026] [security2:error] [pid 728:tid 728] [client 102.220.158.203:22485] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.220.158.203 (+1 hits since last alert)|motherlyhomecare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "motherlyhomecare.com"] [uri "/xmlrpc.php"] [unique_id "akTb-qUQQ8eAmDSmQYI8AQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 09:33:53
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co. ...
show more
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co.zm): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 05:33:47.445026 2026] [security2:error] [pid 10983:tid 10983] [client 102.220.158.203:22361] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.220.158.203 (+1 hits since last alert)|techoutletec.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "techoutletec.com"] [uri "/xmlrpc.php"] [unique_id "akONe7lyk8nM6r9_G6r-mwAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-30 07:58:36
(4 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
Anonymous
2026-06-29 06:33:44
(5 days ago)
(wordpress) Failed wordpress login from 102.220.158.203 (ZM/Zambia/102-220-158-203.simbafiber.co.zm)
Brute-Force
๐ฉ๐ช
rh24
2026-06-27 11:51:22
(1 week ago)
(xmlrpc_405) XMLRPC-Bot 405 102.220.158.203 (ZM/Zambia/102-220-158-203.simbafiber.co.zm)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-27 11:23:01
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co. ...
show more
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co.zm): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 07:22:57.183577 2026] [security2:error] [pid 23385:tid 23385] [client 102.220.158.203:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.220.158.203 (+1 hits since last alert)|rodrigoaldecoa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodrigoaldecoa.com"] [uri "/xmlrpc.php"] [unique_id "aj-ykcIiiJiIZMC600mvJgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Sรฉfora Srl
2026-06-27 07:02:26
(1 week ago)
Failed attempt detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 13:28:32
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co. ...
show more
(mod_security) mod_security (id:240335) triggered by 102.220.158.203 (102-220-158-203.simbafiber.co.zm): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 09:28:28.438298 2026] [security2:error] [pid 15989:tid 15989] [client 102.220.158.203:22408] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.220.158.203 (+1 hits since last alert)|ashwoodsecurity.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ashwoodsecurity.com"] [uri "/xmlrpc.php"] [unique_id "aj5-fFM88Vh0PWkhNDO74AAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack