๐บ๐ธ
TPI-Abuse
2026-07-01 12:20:48
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 111.92.145.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 111.92.145.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 08:20:38.770503 2026] [security2:error] [pid 30117:tid 30121] [client 111.92.145.237:48273] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 111.92.145.237 (+1 hits since last alert)|killasgarage.bike|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "killasgarage.bike"] [uri "/xmlrpc.php"] [unique_id "akUGFsCFpxxltT4gyv0yQwAAAUI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-01 11:00:29
(14 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 10:15:26
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 111.92.145.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 111.92.145.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:15:18.897167 2026] [security2:error] [pid 27921:tid 27921] [client 111.92.145.237:48982] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 111.92.145.237 (+1 hits since last alert)|caddydad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "caddydad.com"] [uri "/xmlrpc.php"] [unique_id "akTotukreKdZiubDdtJd4AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
francoisunix
2026-07-01 10:13:08
(14 hours ago)
111.92.145.237 - - [01/Jul/2026:10:12:23 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "WordPress.c ...
show more
111.92.145.237 - - [01/Jul/2026:10:12:23 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "WordPress.com; https://wordpress.com"
111.92.145.237 - - [01/Jul/2026:10:12:33 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)"
111.92.145.237 - - [01/Jul/2026:10:12:44 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "WordPress.com; https://wordpress.com"
111.92.145.237 - - [01/Jul/2026:10:12:54 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com"
111.92.145.237 - - [01/Jul/2026:10:13:05 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com"
...
show less
Web App Attack
๐ฎ๐ฉ
origrata
2026-07-01 09:59:16
(15 hours ago)
[OGWAF] xss attack blocked | severity: critical | POST /xmlrpc.php | UA: Jetpack by WordPress.com | ...
show more
[OGWAF] xss attack blocked | severity: critical | POST /xmlrpc.php | UA: Jetpack by WordPress.com | payload: <?xml version="1.0"?><methodCall><methodName>metaWeblog.newPost</methodName><params><param><value><string>1</string></value></param><param><value><string>adminios1</string></value></param><param><valu
show less
Web App Attack
Hacking
๐ณ๐ฑ
ConsulHosting
2026-07-01 09:03:28
(16 hours ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
Anonymous
2026-07-01 08:39:23
(16 hours ago)
Fail2ban filtered
...
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 08:17:15
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 111.92.145.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 111.92.145.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:17:09.518770 2026] [security2:error] [pid 3228:tid 3228] [client 111.92.145.237:48209] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 111.92.145.237 (+1 hits since last alert)|iconflgc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iconflgc.com"] [uri "/xmlrpc.php"] [unique_id "akTNBV0wIm3Q5Wrm_lM_4gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-01 07:44:41
(17 hours ago)
(xmlrpc) Apache: Failed xmlrpc access from 111.92.145.237 (-): 10 in the last 3600 secs (0-201)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 07:15:24
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 111.92.145.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 111.92.145.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:15:15.023143 2026] [security2:error] [pid 6348:tid 6348] [client 111.92.145.237:48547] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 111.92.145.237 (+1 hits since last alert)|bernsteinip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bernsteinip.com"] [uri "/xmlrpc.php"] [unique_id "akS-g06KspEtZsY3YyPb3gAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack