π«π·
dynamix
2026-07-08 14:46:39
(2 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π§πͺ
cmbplf
2026-07-08 14:17:50
(3 hours ago)
2.272 requests from abuseipdb.com blacklisted IP (1yr10mos2w)
Brute-Force
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-08 13:02:10
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.teleko ...
show more
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 09:02:06.327864 2026] [security2:error] [pid 18447:tid 18447] [client 109.93.250.33:57059] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.93.250.33 (+1 hits since last alert)|vrevgaming.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vrevgaming.net"] [uri "/xmlrpc.php"] [unique_id "ak5KTmCKgBvDEFM36EHw0QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 17:23:13
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.teleko ...
show more
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:23:06.511532 2026] [security2:error] [pid 8084:tid 8084] [client 109.93.250.33:56585] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.93.250.33 (+1 hits since last alert)|circleinthesquare.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "circleinthesquare.org"] [uri "/xmlrpc.php"] [unique_id "ak01-tJMXAvlX_hzUi6P7QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 16:53:23
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.teleko ...
show more
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 12:53:17.876859 2026] [security2:error] [pid 11540:tid 11540] [client 109.93.250.33:51799] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.93.250.33 (+1 hits since last alert)|lawrencehale.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lawrencehale.com"] [uri "/xmlrpc.php"] [unique_id "ak0u_R9KY0fiXZ3Yyibi3wAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-07-07 15:49:16
(1 day ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
Anonymous
2026-07-07 15:19:24
(1 day ago)
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 10:03:36
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.teleko ...
show more
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 06:03:30.566740 2026] [security2:error] [pid 14952:tid 14952] [client 109.93.250.33:56654] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.93.250.33 (+1 hits since last alert)|aifactoid.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aifactoid.com"] [uri "/xmlrpc.php"] [unique_id "akzO8vZoo8rBCTPWxdHBhAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 09:32:55
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.teleko ...
show more
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 05:32:50.027229 2026] [security2:error] [pid 300:tid 300] [client 109.93.250.33:53761] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.93.250.33 (+1 hits since last alert)|roguetechink.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechink.com"] [uri "/xmlrpc.php"] [unique_id "akzHwrvjdA1yElOI4UEJygAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 20:00:36
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.teleko ...
show more
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 16:00:32.912687 2026] [security2:error] [pid 15016:tid 15016] [client 109.93.250.33:49233] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.93.250.33 (+1 hits since last alert)|esysapps.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "esysapps.com"] [uri "/xmlrpc.php"] [unique_id "akwJYPyw21rktgHuE-kcuQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
Lunix
2026-07-06 19:58:00
(1 day ago)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 18:28:29
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.teleko ...
show more
(mod_security) mod_security (id:240335) triggered by 109.93.250.33 (109-93-250-33.dynamic.isp.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 14:28:25.312069 2026] [security2:error] [pid 21052:tid 21108] [client 109.93.250.33:62116] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.93.250.33 (+1 hits since last alert)|managementlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "managementlaw.com"] [uri "/xmlrpc.php"] [unique_id "akvzycTUjhHEr42yqvKueQAAAkA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
netclix.gr
2026-07-06 17:54:45
(1 day ago)
(wordpress) Failed wordpress login from 109.93.250.33 (RS/Serbia/109-93-250-33.dynamic.isp.telekom.r ...
show more
(wordpress) Failed wordpress login from 109.93.250.33 (RS/Serbia/109-93-250-33.dynamic.isp.telekom.rs): (CF_ENABLE)
show less
Brute-Force
π³π±
Site.eu
2026-07-06 17:25:20
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
πͺπΈ
masterguru
2026-07-06 08:10:19
(2 days ago)
(xmlrpc) Failed xmlrpc access from 109.93.250.33 (RS/Serbia/109-93-250-33.dynamic.isp.telekom.rs): 5 ...
show more
(xmlrpc) Failed xmlrpc access from 109.93.250.33 (RS/Serbia/109-93-250-33.dynamic.isp.telekom.rs): 5 in the last 3600 secs (0-122)
show less
Hacking