๐ฉ๐ช
dbmwebdesign
2026-07-07 05:50:16
(14 hours ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 05:28:18
(15 hours ago)
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 01:28:15.153196 2026] [security2:error] [pid 12151:tid 12151] [client 103.211.54.26:52719] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.211.54.26 (+1 hits since last alert)|agworldmissions.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "agworldmissions.org"] [uri "/xmlrpc.php"] [unique_id "akyOb2_OwATDd0jBoKLrDgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 04:59:06
(15 hours ago)
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 00:59:01.769812 2026] [security2:error] [pid 31241:tid 31266] [client 103.211.54.26:61531] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.211.54.26 (+1 hits since last alert)|fastestcopyright.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fastestcopyright.com"] [uri "/xmlrpc.php"] [unique_id "akyHlbgwszT7AjIGsNxJUAAAARc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-07 04:45:15
(15 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ง๐ช
cmbplf
2026-07-07 04:08:19
(16 hours ago)
6.701 post requests in 1 hour (1yr10mos3w)
Brute-Force
Bad Web Bot
๐ฑ๐ป
garmtech.com
2026-07-07 03:38:14
(17 hours ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS
Web App Attack
Anonymous
2026-07-07 03:27:03
(17 hours ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 03:21:03
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 23:20:55.515619 2026] [security2:error] [pid 4268:tid 4268] [client 103.211.54.26:50575] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.211.54.26 (+1 hits since last alert)|garanta.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "garanta.co"] [uri "/xmlrpc.php"] [unique_id "akxwl6Jfnk0-WiA-UxqZRwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-13 06:06:16
(3 weeks ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 05:06:41
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:06:37.566673 2026] [security2:error] [pid 9711:tid 9711] [client 103.211.54.26:58528] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.211.54.26 (+1 hits since last alert)|paguilar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "paguilar.com"] [uri "/xmlrpc.php"] [unique_id "aizlXU9LlEEiQH-Bz1DJFwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-06-13 05:05:53
(3 weeks ago)
(wordpress) Failed wordpress login from 103.211.54.26 (IN/India/-)
Brute-Force
๐ณ๐ฑ
e.fierstra
2026-06-13 04:58:48
(3 weeks ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-06-13 03:55:03
(3 weeks ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 03:37:47
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.211.54.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 23:37:41.913640 2026] [security2:error] [pid 27378:tid 27378] [client 103.211.54.26:52579] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.211.54.26 (+1 hits since last alert)|thebrotherhoodlounge.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thebrotherhoodlounge.com"] [uri "/xmlrpc.php"] [unique_id "aizQhWSuBaIeo_DmDHzL1QAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-06-13 03:25:08
(3 weeks ago)
5.547 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot