๐บ๐ธ
TPI-Abuse
2026-07-09 10:20:06
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110 ...
show more
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 06:19:58.819212 2026] [security2:error] [pid 24251:tid 24251] [client 110.225.22.15:55704] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.225.22.15 (+1 hits since last alert)|fundaciondamashcc.org.ec|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundaciondamashcc.org.ec"] [uri "/xmlrpc.php"] [unique_id "ak91zhh7xC8a4JCvKDbr9wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Kenshin869
2026-07-09 08:36:22
(6 hours ago)
Wordpress unauthorized access attempt
Brute-Force
๐ฆ๐บ
screwlooseit.com.au
2026-07-09 06:53:21
(8 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/abts-north-dynamic-15.22.225.110.airtelbroadband. ...
show more
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/abts-north-dynamic-15.22.225.110.airtelbroadband.in
show less
Web App Attack
๐ซ๐ท
LRob
2026-07-09 06:23:21
(8 hours ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack/12.1; Wor ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack/12.1; WordPress/6.4; http://site35533964.com","Jetpack/13.0; WordPress/6.2; http://site38362464.com","Jetpack by WordPress.com","Jetpack/12.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 04:42:11
(10 hours ago)
(mod_security) mod_security (id:225170) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110 ...
show more
(mod_security) mod_security (id:225170) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:42:01.664423 2026] [security2:error] [pid 25365:tid 25365] [client 110.225.22.15:65122] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lajoze.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lajoze.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ak8mmfCJerK2zHv0HwAczAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 11:09:06
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110 ...
show more
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:09:00.501116 2026] [security2:error] [pid 29170:tid 29170] [client 110.225.22.15:50911] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.225.22.15 (+1 hits since last alert)|aandbnaturalfoods.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aandbnaturalfoods.com"] [uri "/xmlrpc.php"] [unique_id "ak4vzBYP1HMKIIA3hFf2DAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 09:50:59
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110 ...
show more
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 05:50:54.354550 2026] [security2:error] [pid 28988:tid 28988] [client 110.225.22.15:54300] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.225.22.15 (+1 hits since last alert)|hvacmechanalysis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hvacmechanalysis.com"] [uri "/xmlrpc.php"] [unique_id "ak4dfhqmrfyP04Mdnv9C7gAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 07:21:51
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110 ...
show more
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:21:48.455783 2026] [security2:error] [pid 14803:tid 14829] [client 110.225.22.15:63074] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.225.22.15 (+1 hits since last alert)|jofdt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jofdt.com"] [uri "/xmlrpc.php"] [unique_id "ak36jAahlrKK4mKib4mhpwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 10:13:18
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110 ...
show more
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 06:13:11.674884 2026] [security2:error] [pid 26912:tid 26912] [client 110.225.22.15:55867] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.225.22.15 (+1 hits since last alert)|humbliaslaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "humbliaslaw.com"] [uri "/xmlrpc.php"] [unique_id "akzRN-4mb8Vhps67KLCjiQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 09:11:45
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110 ...
show more
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 05:11:39.483177 2026] [security2:error] [pid 14164:tid 14164] [client 110.225.22.15:56398] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.225.22.15 (+1 hits since last alert)|ismaelcavazos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ismaelcavazos.com"] [uri "/xmlrpc.php"] [unique_id "akzCywo2OIaLFVI4Na7ZpgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-07 08:38:13
(2 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-06 07:32:04
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110 ...
show more
(mod_security) mod_security (id:240335) triggered by 110.225.22.15 (abts-north-dynamic-15.22.225.110.airtelbroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:31:56.500953 2026] [security2:error] [pid 5201:tid 5201] [client 110.225.22.15:59073] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 110.225.22.15 (+1 hits since last alert)|blaslandsporthorses.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blaslandsporthorses.com"] [uri "/xmlrpc.php"] [unique_id "aktZ7OTezwjLZKYuJCtYlwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack