๐บ๐ธ
TPI-Abuse
2026-07-17 06:04:28
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:04:15.794742 2026] [security2:error] [pid 29131:tid 29131] [client 117.215.158.137:29000] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 117.215.158.137 (+1 hits since last alert)|ohanameetup.party|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ohanameetup.party"] [uri "/xmlrpc.php"] [unique_id "alnF3wRp-5IGDPpP9hNk4gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 10:38:25
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-16 05:50:36
(2 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 05:30:10
(2 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ฒ๐น
Malta
2026-07-15 07:06:07
(3 days ago)
117.215.158.137 - - [15/Jul/2026:09:06:07 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https:/ ...
show more
117.215.158.137 - - [15/Jul/2026:09:06:07 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https://wordpress.com"
show less
Hacking
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-14 06:58:01
(4 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-07-14 04:53:35
(4 days ago)
[redacted] 117.215.158.137 - - [14/Jul/2026:06:52:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 117.215.158.137 - - [14/Jul/2026:06:52:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 117.215.158.137 - - [14/Jul/2026:06:52:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site86508633.com"
[redacted] 117.215.158.137 - - [14/Jul/2026:06:53:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 117.215.158.137 - - [14/Jul/2026:06:53:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 117.215.158.137 - - [14/Jul/2026:06:53:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.4; http://site21059778.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-13 09:44:53
(4 days ago)
(wordpress) Failed wordpress login from 117.215.158.137 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-13 06:50:50
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 02:50:37.783246 2026] [security2:error] [pid 490:tid 490] [client 117.215.158.137:23764] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 117.215.158.137 (+1 hits since last alert)|realdesigninterior.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "realdesigninterior.com"] [uri "/xmlrpc.php"] [unique_id "alSKvchLIl3_iqI6Q8UDBwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 11:03:22
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 07:03:10.243063 2026] [security2:error] [pid 8269:tid 8294] [client 117.215.158.137:33410] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 117.215.158.137 (+1 hits since last alert)|browbrew.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "browbrew.com"] [uri "/xmlrpc.php"] [unique_id "alDRbtX7Ipz0OFFI4-QYXgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-09 09:03:11
(1 week ago)
(xmlrpc) Failed xmlrpc access from 117.215.158.137 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
WeekendWeb
2026-07-02 04:46:32
(2 weeks ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 06:22:32
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 02:22:20.414787 2026] [security2:error] [pid 2680:tid 2680] [client 117.215.158.137:58926] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 117.215.158.137 (+1 hits since last alert)|consolidatedoperationsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "consolidatedoperationsgroup.com"] [uri "/xmlrpc.php"] [unique_id "akSyHEVnSt4_gjf_ECArvwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:15:34
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:15:21.301259 2026] [security2:error] [pid 886:tid 886] [client 117.215.158.137:35872] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 117.215.158.137 (+1 hits since last alert)|pcga.golf|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pcga.golf"] [uri "/xmlrpc.php"] [unique_id "akNe-R7RIjo8ugLjMKxjiQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 04:24:31
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 117.215.158.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 00:24:21.066383 2026] [security2:error] [pid 29823:tid 29832] [client 117.215.158.137:35214] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 117.215.158.137 (+1 hits since last alert)|howlerrock.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "howlerrock.com"] [uri "/xmlrpc.php"] [unique_id "akNE9cNRhJaoeT9f2zkTawAAAYc"]
show less
Brute-Force
Bad Web Bot
Web App Attack