๐บ๐ธ
oralunal
2026-07-03 21:50:48
(9 hours ago)
IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds
...
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 21:04:13
(10 hours ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 04:26:23
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:26:18.794026 2026] [security2:error] [pid 12244:tid 12244] [client 128.127.115.194:29180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 128.127.115.194 (+1 hits since last alert)|stukabird.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stukabird.com"] [uri "/xmlrpc.php"] [unique_id "akc56lRSAVoHd4r-z0b_pgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 01:22:12
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 21:22:06.767827 2026] [security2:error] [pid 13750:tid 13750] [client 128.127.115.194:43759] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 128.127.115.194 (+1 hits since last alert)|daebakdesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "daebakdesign.com"] [uri "/xmlrpc.php"] [unique_id "akcOvrtAxUlQ8pd2LNsVOAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 20:46:16
(1 day ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-02 16:52:29
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 12:52:23.600219 2026] [security2:error] [pid 5045:tid 5045] [client 128.127.115.194:64281] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 128.127.115.194 (+1 hits since last alert)|caymancline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "caymancline.com"] [uri "/xmlrpc.php"] [unique_id "akaXR0l17qHwfPwCDCMB0QAAAC4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-02 15:28:42
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-02 12:34:38
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
RO/Romania/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:02:08
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:02:00.843684 2026] [security2:error] [pid 522:tid 522] [client 128.127.115.194:11276] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 128.127.115.194 (+1 hits since last alert)|visionremota.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "visionremota.info"] [uri "/xmlrpc.php"] [unique_id "akYa-F3sjjnRZwDkUu5NoQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 00:43:02
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 20:42:55.631066 2026] [security2:error] [pid 29135:tid 29135] [client 128.127.115.194:21026] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 128.127.115.194 (+1 hits since last alert)|roguetechink.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechink.com"] [uri "/xmlrpc.php"] [unique_id "akW0D-lWxHSmt9omZYPbrgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-07-01 20:34:30
(2 days ago)
[WedJul0122:34:25.5400132026][security2:error][pid1407577:tid1407721][client128.127.115.194:0]ModSec ...
show more
[WedJul0122:34:25.5400132026][security2:error][pid1407577:tid1407721][client128.127.115.194:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"turismo-marocco-lugano.ch\"][uri\"/xmlrpc.php\"][unique_id\"akV50fCsNcFQo-X4L-U2gwAAAAo\"]
show less
Hacking
Web App Attack
Anonymous
2026-07-01 20:04:33
(2 days ago)
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 16:33:25
(2 days ago)
(wordpress) Failed wordpress login from 128.127.115.194 (RO/Romania/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 05:38:09
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 01:38:04.238599 2026] [security2:error] [pid 24255:tid 24255] [client 128.127.115.194:12388] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 128.127.115.194 (+1 hits since last alert)|guarinofurnituredesigns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "guarinofurnituredesigns.com"] [uri "/xmlrpc.php"] [unique_id "akIEvDcbbQM4Bw7TcCBZnAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 02:09:11
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 128.127.115.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 22:09:04.892610 2026] [security2:error] [pid 14783:tid 14783] [client 128.127.115.194:29255] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 128.127.115.194 (+1 hits since last alert)|maffiniandbearce.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "maffiniandbearce.com"] [uri "/xmlrpc.php"] [unique_id "akHTwE1HvGrI8gjHmWg_yQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack