Anonymous
2026-07-09 03:14:17
(2 hours ago)
WordPress Brute Force
Brute-Force
๐ช๐ธ
alferez
2026-07-08 23:27:30
(6 hours ago)
Multiple WP Login Attack
Brute-Force
๐จ๐ฆ
Dunham Support
2026-07-08 16:49:42
(12 hours ago)
(wordpress) Failed wordpress login from 152.241.60.66 (BR/Brazil/152-241-60-66.user.vivozap.com.br)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-08 11:05:10
(18 hours ago)
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:05:06.191663 2026] [security2:error] [pid 26986:tid 26986] [client 152.241.60.66:62143] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.60.66 (+1 hits since last alert)|citizensforsanity.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "citizensforsanity.com"] [uri "/xmlrpc.php"] [unique_id "ak4u4qOx9LLWoiXJaUOmPwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 07:58:08
(21 hours ago)
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:58:03.775060 2026] [security2:error] [pid 19495:tid 19495] [client 152.241.60.66:50351] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.60.66 (+1 hits since last alert)|technesa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "technesa.com"] [uri "/xmlrpc.php"] [unique_id "ak4DC6-_3EuKJmubKQ6YrAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 06:16:50
(23 hours ago)
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 02:16:43.991349 2026] [security2:error] [pid 21848:tid 21848] [client 152.241.60.66:61202] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.60.66 (+1 hits since last alert)|bbproductionsonline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bbproductionsonline.com"] [uri "/xmlrpc.php"] [unique_id "ak3rS0j9I6WKIfORskc8-wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 04:44:04
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 00:43:59.622808 2026] [security2:error] [pid 457:tid 457] [client 152.241.60.66:57171] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.60.66 (+1 hits since last alert)|theseoscribe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theseoscribe.com"] [uri "/xmlrpc.php"] [unique_id "ak3Vj5R3ralPLLsaK3SmJAAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 01:08:59
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 21:08:51.187915 2026] [security2:error] [pid 6170:tid 6170] [client 152.241.60.66:65411] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.60.66 (+1 hits since last alert)|smoothiessoupssalads.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "smoothiessoupssalads.com"] [uri "/xmlrpc.php"] [unique_id "ak2jIxliKUPFhTz_hXDXwwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-07-07 21:55:09
(1 day ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-07 17:43:06
(1 day ago)
(wordpress) Failed wordpress login from 152.241.60.66 (BR/Brazil/152-241-60-66.user.vivozap.com.br): ...
show more
(wordpress) Failed wordpress login from 152.241.60.66 (BR/Brazil/152-241-60-66.user.vivozap.com.br): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-07 12:29:43
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.60.66 (152-241-60-66.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 08:29:37.791672 2026] [security2:error] [pid 10085:tid 10105] [client 152.241.60.66:56488] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.60.66 (+1 hits since last alert)|hearthandhomestudio.art|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hearthandhomestudio.art"] [uri "/xmlrpc.php"] [unique_id "akzxMUKjby1x8L7etklq4AAAAI0"]
show less
Brute-Force
Bad Web Bot
Web App Attack