๐ซ๐ท
Tilellit.PRO
2026-07-09 07:47:09
(2 days ago)
WooCommerce YITH AJAX Filder product_cat filter flood attempt with taxonomies
DDoS Attack
Bad Web Bot
๐บ๐ธ
kosada.com
2026-07-06 13:40:43
(5 days ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ซ๐ท
dynamix
2026-07-06 11:16:49
(5 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-06 10:51:58
(5 days ago)
(wordpress) Failed wordpress login from 129.224.206.111 (SY/Syria/customer.frntdeu1.isp.starlink.com ...
show more
(wordpress) Failed wordpress login from 129.224.206.111 (SY/Syria/customer.frntdeu1.isp.starlink.com)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 09:13:10
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 129.224.206.111 (customer.frntdeu1.isp.starlink ...
show more
(mod_security) mod_security (id:240335) triggered by 129.224.206.111 (customer.frntdeu1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 05:13:05.726126 2026] [security2:error] [pid 9833:tid 9833] [client 129.224.206.111:51493] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 129.224.206.111 (+1 hits since last alert)|famagustacyprus.eu|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "famagustacyprus.eu"] [uri "/xmlrpc.php"] [unique_id "aktxoVlaeJ7yEXTUTwsrAQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-06 09:10:40
(5 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 08:41:48
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 129.224.206.111 (customer.frntdeu1.isp.starlink ...
show more
(mod_security) mod_security (id:240335) triggered by 129.224.206.111 (customer.frntdeu1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:41:44.953132 2026] [security2:error] [pid 12876:tid 12876] [client 129.224.206.111:56482] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 129.224.206.111 (+1 hits since last alert)|crep-psych.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "crep-psych.org"] [uri "/xmlrpc.php"] [unique_id "aktqSNsMcpCKbneWqo49wwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-05 19:47:02
(5 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
LRob
2026-07-05 10:00:09
(6 days ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-05 09:16:54
(6 days ago)
(xmlrpc) Failed xmlrpc access from 129.224.206.111 (SY/Syria/customer.frntdeu1.isp.starlink.com): 5 ...
show more
(xmlrpc) Failed xmlrpc access from 129.224.206.111 (SY/Syria/customer.frntdeu1.isp.starlink.com): 5 in the last 3600 secs (0-122)
show less
Hacking
๐ฉ๐ช
Petros Stefanakis
2026-07-05 00:37:02
(6 days ago)
(wordpress) Failed wordpress login from 129.224.206.111 (SY/Syria/customer.frntdeu1.isp.starlink.com ...
show more
(wordpress) Failed wordpress login from 129.224.206.111 (SY/Syria/customer.frntdeu1.isp.starlink.com)
show less
Brute-Force
Anonymous
2026-07-05 00:33:05
(6 days ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 20:35:53
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 129.224.206.111 (customer.frntdeu1.isp.starlink ...
show more
(mod_security) mod_security (id:240335) triggered by 129.224.206.111 (customer.frntdeu1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 16:35:49.065984 2026] [security2:error] [pid 11784:tid 11784] [client 129.224.206.111:4390] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 129.224.206.111 (+1 hits since last alert)|aifactoid.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aifactoid.com"] [uri "/xmlrpc.php"] [unique_id "aklupUbcK2LTEBF3RfHvrwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-04 13:55:05
(1 week ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 10:36:27
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 129.224.206.111 (customer.frntdeu1.isp.starlink ...
show more
(mod_security) mod_security (id:240335) triggered by 129.224.206.111 (customer.frntdeu1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 06:36:20.274524 2026] [security2:error] [pid 28123:tid 28150] [client 129.224.206.111:12827] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 129.224.206.111 (+1 hits since last alert)|giere.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "giere.us"] [uri "/xmlrpc.php"] [unique_id "akjiJHMhaAUMIjj11JhJeAAAAUo"]
show less
Brute-Force
Bad Web Bot
Web App Attack