๐บ๐ธ
TPI-Abuse
2026-07-13 11:37:01
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:36:55.613377 2026] [security2:error] [pid 27238:tid 27238] [client 118.99.65.24:25808] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.65.24 (+1 hits since last alert)|therealseska.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "therealseska.com"] [uri "/xmlrpc.php"] [unique_id "alTN1xJFA3FEI6xTjmb6dwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 10:07:50
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 06:07:42.299805 2026] [security2:error] [pid 6999:tid 6999] [client 118.99.65.24:17042] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.65.24 (+1 hits since last alert)|pearlhomesfw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pearlhomesfw.com"] [uri "/xmlrpc.php"] [unique_id "alS47q2bb6KIYXMySURt3AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-13 08:52:33
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
dynamix
2026-07-13 07:36:52
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 06:39:21
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 02:39:15.570861 2026] [security2:error] [pid 27624:tid 27624] [client 118.99.65.24:23049] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.65.24 (+1 hits since last alert)|mainefirst.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mainefirst.org"] [uri "/xmlrpc.php"] [unique_id "alSIE9CunQj0hljWo9QWlQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 06:07:25
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 02:07:21.208064 2026] [security2:error] [pid 6136:tid 6136] [client 118.99.65.24:22387] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.65.24 (+1 hits since last alert)|guarinofurnituredesigns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "guarinofurnituredesigns.com"] [uri "/xmlrpc.php"] [unique_id "alSAme0b1ZdyHcRb8OSmWQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-13 05:38:18
(1 day ago)
(xmlrpc) Failed xmlrpc access from 118.99.65.24 (ID/Indonesia/-): 5 in the last 3600 secs (0-122)
Hacking
๐ฒ๐น
Malta
2026-07-13 05:34:34
(1 day ago)
118.99.65.24 - - [13/Jul/2026:07:34:34 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack by WordPress.com"
Hacking
Web App Attack
Anonymous
2026-07-13 05:06:05
(1 day ago)
Trying to access config files
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 04:53:48
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:53:41.557401 2026] [security2:error] [pid 22122:tid 22122] [client 118.99.65.24:21538] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.65.24 (+1 hits since last alert)|tcit.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tcit.org"] [uri "/xmlrpc.php"] [unique_id "alRvVcOYsyxeVqiqMSwS_wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 03:55:47
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:55:39.455562 2026] [security2:error] [pid 6277:tid 6277] [client 118.99.65.24:35567] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.65.24 (+1 hits since last alert)|artizandecor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artizandecor.com"] [uri "/xmlrpc.php"] [unique_id "alRhuy8pRuX6PJs3exvheAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-13 02:00:02
(1 day ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Anonymous
2026-07-12 10:20:32
(2 days ago)
[redacted] 118.99.65.24 - - [12/Jul/2026:12:19:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ...
show more
[redacted] 118.99.65.24 - - [12/Jul/2026:12:19:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)"
[redacted] 118.99.65.24 - - [12/Jul/2026:12:19:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 118.99.65.24 - - [12/Jul/2026:12:20:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
[redacted] 118.99.65.24 - - [12/Jul/2026:12:20:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
[redacted] 118.99.65.24 - - [12/Jul/2026:12:20:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)"
...
show less
Hacking
Web App Attack
๐ช๐ธ
alferez
2026-07-12 09:26:22
(2 days ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 07:06:05
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.65.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 03:06:01.185255 2026] [security2:error] [pid 4227:tid 4227] [client 118.99.65.24:20129] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.65.24 (+1 hits since last alert)|dalessalesandservice.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dalessalesandservice.com"] [uri "/xmlrpc.php"] [unique_id "alM82TTJbdSO3oVoM5nYSAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack