๐ฉ๐ช
ghostwarriors
2026-07-17 09:21:10
(1 hour ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 08:53:02
(1 hour ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 07:20:01
(1 day ago)
[server.tmg.gr] httpd-xmlrpc-post: sites=www.aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019 ...
show more
[server.tmg.gr] httpd-xmlrpc-post: sites=www.aidshep2019.gr; logs=/var/log/httpd/domains/aidshep2019.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
Anonymous
2026-07-16 06:21:33
(1 day ago)
(wordpress) Failed wordpress login from 115.242.65.26 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-15 10:43:17
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 06:43:11.379667 2026] [security2:error] [pid 30565:tid 30565] [client 115.242.65.26:57144] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 115.242.65.26 (+1 hits since last alert)|thereisaplaceonearth.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thereisaplaceonearth.com"] [uri "/xmlrpc.php"] [unique_id "aldkP-KNXE_UoxKtP1YtAwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 09:43:15
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 05:43:11.032936 2026] [security2:error] [pid 32430:tid 32430] [client 115.242.65.26:59034] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 115.242.65.26 (+1 hits since last alert)|studiopilates.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "studiopilates.net"] [uri "/xmlrpc.php"] [unique_id "aldWL8qmPWJ9Ksn9a68IYAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
applemooz
2026-07-15 09:25:46
(2 days ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-14 05:50:07
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 05:59:43
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 01:59:36.447115 2026] [security2:error] [pid 19754:tid 19754] [client 115.242.65.26:59089] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 115.242.65.26 (+1 hits since last alert)|produktives.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "produktives.com"] [uri "/xmlrpc.php"] [unique_id "akyVyGuYeQxMXsRUnRb0oQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-07 05:29:09
(1 week ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 07:06:38
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:06:32.262547 2026] [security2:error] [pid 27644:tid 27644] [client 115.242.65.26:58683] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 115.242.65.26 (+1 hits since last alert)|techoutletec.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "techoutletec.com"] [uri "/xmlrpc.php"] [unique_id "akiw-ArtnB3OdhxcUjiejgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 06:17:26
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 02:17:19.380609 2026] [security2:error] [pid 4075:tid 4075] [client 115.242.65.26:58370] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 115.242.65.26 (+1 hits since last alert)|cemesur-vision21.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cemesur-vision21.com"] [uri "/xmlrpc.php"] [unique_id "akilb4TEqck0LedyZyD6FQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:45:30
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:45:26.048489 2026] [security2:error] [pid 30775:tid 30775] [client 115.242.65.26:61026] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 115.242.65.26 (+1 hits since last alert)|rockinr.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rockinr.org"] [uri "/xmlrpc.php"] [unique_id "akd2puUjSq2sCv8jOhG6-wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 06:35:52
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:35:46.184792 2026] [security2:error] [pid 19760:tid 19760] [client 115.242.65.26:54617] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 115.242.65.26 (+1 hits since last alert)|batesstrategygroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "batesstrategygroup.com"] [uri "/xmlrpc.php"] [unique_id "akdYQhGO7qZHCEKfipEQxQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 04:32:34
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 115.242.65.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:32:30.028002 2026] [security2:error] [pid 8151:tid 8177] [client 115.242.65.26:62893] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 115.242.65.26 (+1 hits since last alert)|sparkhypnotherapy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sparkhypnotherapy.com"] [uri "/xmlrpc.php"] [unique_id "akc7XrmWEM6KJr6ayzznnQAAARc"]
show less
Brute-Force
Bad Web Bot
Web App Attack