๐บ๐ธ
TPI-Abuse
2026-07-12 15:43:06
(6 minutes ago)
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com) ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 11:43:00.833029 2026] [security2:error] [pid 13085:tid 13085] [client 136.158.40.242:48467] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.40.242 (+1 hits since last alert)|4115thewestford.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "4115thewestford.com"] [uri "/xmlrpc.php"] [unique_id "alO2BKIpGjZoN4taEMrhAwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 12:28:50
(3 hours ago)
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com) ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 08:28:45.448103 2026] [security2:error] [pid 16211:tid 16211] [client 136.158.40.242:37576] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.40.242 (+1 hits since last alert)|proyectando.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "proyectando.com"] [uri "/xmlrpc.php"] [unique_id "alOIfaHqzvkglhYeRQ78ngAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-12 12:20:36
(3 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 11:56:34
(3 hours ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-12 11:00:30
(4 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-12 09:54:33
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com) ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 05:54:31.170613 2026] [security2:error] [pid 31212:tid 31212] [client 136.158.40.242:44271] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.40.242 (+1 hits since last alert)|odinathletes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "odinathletes.com"] [uri "/xmlrpc.php"] [unique_id "alNkV3F0KsDHqqE3zbTwCAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 08:27:07
(7 hours ago)
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com) ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 04:27:00.439813 2026] [security2:error] [pid 29442:tid 29442] [client 136.158.40.242:15069] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.40.242 (+1 hits since last alert)|ontimelogistiks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ontimelogistiks.com"] [uri "/xmlrpc.php"] [unique_id "alNP1MXLti6UfYSl7UFzWAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-12 08:26:31
(7 hours ago)
(wordpress) Failed wordpress login from 136.158.40.242 (PH/Philippines/242.40.158.136.convergeict.co ...
show more
(wordpress) Failed wordpress login from 136.158.40.242 (PH/Philippines/242.40.158.136.convergeict.com)
show less
Brute-Force
๐ณ๐ฑ
Site.eu
2026-07-12 06:51:18
(8 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ณ๐ฑ
debestelapp
2026-07-12 06:45:05
(9 hours ago)
Web App Attack
Anonymous
2026-07-12 06:44:42
(9 hours ago)
(wordpress) Failed wordpress login from 136.158.40.242 (PH/Philippines/Metro Manila/Caloocan/242.40. ...
show more
(wordpress) Failed wordpress login from 136.158.40.242 (PH/Philippines/Metro Manila/Caloocan/242.40.158.136.convergeict.com/[redacted])
show less
Brute-Force
๐ฉ๐ช
neckaralb-admin.de
2026-07-11 07:06:15
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 06:38:25
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com) ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 02:38:21.715614 2026] [security2:error] [pid 24480:tid 24480] [client 136.158.40.242:29151] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.40.242 (+1 hits since last alert)|vintageamptubes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vintageamptubes.com"] [uri "/xmlrpc.php"] [unique_id "alHk3SPj4JURgf7qWGlF7AAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 06:08:40
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com) ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 02:08:33.482505 2026] [security2:error] [pid 26273:tid 26273] [client 136.158.40.242:39199] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.40.242 (+1 hits since last alert)|desertautoworks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desertautoworks.com"] [uri "/xmlrpc.php"] [unique_id "alHd4WsTpe5VDJAoPyzAVwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 04:59:50
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com) ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.40.242 (242.40.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 00:59:45.942168 2026] [security2:error] [pid 29111:tid 29372] [client 136.158.40.242:4111] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.40.242 (+1 hits since last alert)|darkestmoonart.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "darkestmoonart.com"] [uri "/xmlrpc.php"] [unique_id "alHNwfjNomVVREm_RLGlrAAAAUY"]
show less
Brute-Force
Bad Web Bot
Web App Attack