๐ซ๐ท
applemooz
2026-06-10 06:27:29
(2 weeks ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-10 03:13:08
(2 weeks ago)
Wordpress Vunerability attack
Web App Attack
Anonymous
2026-06-09 05:27:45
(3 weeks ago)
Blocked by ModSec and CSF
Port Scan
๐บ๐ธ
oralunal
2026-06-09 05:12:22
(3 weeks ago)
IP banned by Fail2Ban in jail its-suss access.log mvfnds
...
Bad Web Bot
Web App Attack
๐ฌ๐ง
Apache
2026-06-08 04:24:53
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (ID/Indonesia/-): 5 in the last ...
show more
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (ID/Indonesia/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 02:19:05
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:18:59.389616 2026] [security2:error] [pid 29066:tid 29188] [client 125.163.112.234:64260] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.163.112.234 (+1 hits since last alert)|wnsi.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wnsi.org"] [uri "/xmlrpc.php"] [unique_id "aiYmk_EETentHNiSrpCKjAAAAk8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 01:36:29
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:36:20.836670 2026] [security2:error] [pid 1371:tid 1371] [client 125.163.112.234:58435] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.163.112.234 (+1 hits since last alert)|ssion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ssion.com"] [uri "/xmlrpc.php"] [unique_id "aiYclCyzvfwcVAXhKHU38gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 01:07:57
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:07:51.740441 2026] [security2:error] [pid 8389:tid 8389] [client 125.163.112.234:59390] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.163.112.234 (+1 hits since last alert)|globaldentalservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "aiYV5_GmCifzPECxnp6MqgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 02:51:32
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 22:51:27.217542 2026] [security2:error] [pid 29448:tid 29448] [client 125.163.112.234:58735] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.163.112.234 (+1 hits since last alert)|cajunpicasso.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cajunpicasso.com"] [uri "/xmlrpc.php"] [unique_id "aiTcrwXRSXP3lWYWg_UvMwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 02:20:08
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 22:19:59.371634 2026] [security2:error] [pid 25330:tid 25330] [client 125.163.112.234:58754] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.163.112.234 (+1 hits since last alert)|amespeak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "amespeak.com"] [uri "/xmlrpc.php"] [unique_id "aiTVTy_BYkLzX8xohw78LwAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-05 08:16:48
(3 weeks ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-05 03:25:42
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 23:25:32.770061 2026] [security2:error] [pid 29025:tid 29025] [client 125.163.112.234:50537] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.163.112.234 (+1 hits since last alert)|oogeothermal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "oogeothermal.com"] [uri "/xmlrpc.php"] [unique_id "aiJBrIpsnzija-c4miOLUAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-05 02:22:41
(3 weeks ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-04 04:25:21
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 125.163.112.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 00:25:17.394006 2026] [security2:error] [pid 15672:tid 15672] [client 125.163.112.234:64419] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 125.163.112.234 (+1 hits since last alert)|guarinofurnituredesigns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "guarinofurnituredesigns.com"] [uri "/xmlrpc.php"] [unique_id "aiD-LfewHyWstorIKgEMHAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack