Anonymous
2026-07-15 06:37:28
(13 hours ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-14 22:21:45
(22 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 12:19:05
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 08:18:57.412742 2026] [security2:error] [pid 26868:tid 26868] [client 152.241.69.76:51400] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.69.76 (+1 hits since last alert)|qed-consulting.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "qed-consulting.co"] [uri "/xmlrpc.php"] [unique_id "alTXsRovcdjiqE_GyWZoqAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 11:13:19
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:13:14.380738 2026] [security2:error] [pid 1531856:tid 1531856] [client 152.241.69.76:56439] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.69.76 (+1 hits since last alert)|cyqci.eu|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cyqci.eu"] [uri "/xmlrpc.php"] [unique_id "alTISjA2tNLb0iPfA0CnWQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 07:40:48
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 03:40:40.982450 2026] [security2:error] [pid 18435:tid 18435] [client 152.241.69.76:50192] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.69.76 (+1 hits since last alert)|localpetsitters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "localpetsitters.com"] [uri "/xmlrpc.php"] [unique_id "alSWeFBEgZHEOSmzl4WugAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 07:07:39
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 03:07:36.002248 2026] [security2:error] [pid 14759:tid 14759] [client 152.241.69.76:57616] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.69.76 (+1 hits since last alert)|arellasoc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "arellasoc.com"] [uri "/xmlrpc.php"] [unique_id "alSOt-8izNOxKvs0I8Q4WgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 04:06:11
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:06:08.140050 2026] [security2:error] [pid 10478:tid 10478] [client 152.241.69.76:62996] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.69.76 (+1 hits since last alert)|stop902.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stop902.org"] [uri "/xmlrpc.php"] [unique_id "alRkMPsgXjKe6mhWv6JtNQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
bigwavedave
2026-07-12 10:32:04
(3 days ago)
Wordpress Attack
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-12 08:55:06
(3 days ago)
152.241.69.76 - - [12/Jul/2026:1
...
Brute-Force
๐ช๐ธ
masterguru
2026-07-12 04:04:20
(3 days ago)
(xmlrpc) Failed xmlrpc access from 152.241.69.76 (BR/Brazil/152-241-69-76.user.vivozap.com.br): 5 in ...
show more
(xmlrpc) Failed xmlrpc access from 152.241.69.76 (BR/Brazil/152-241-69-76.user.vivozap.com.br): 5 in the last 3600 secs (0-122)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-12 01:19:31
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 21:19:28.282253 2026] [security2:error] [pid 30827:tid 30827] [client 152.241.69.76:50936] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.69.76 (+1 hits since last alert)|plazahacienda.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "plazahacienda.com"] [uri "/xmlrpc.php"] [unique_id "alLroJ1PnnsHn_a40ZImuAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-11 23:04:58
(3 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
BR/Brazil/152-241-69-76.user.vivozap.com.br
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 06:38:46
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.b ...
show more
(mod_security) mod_security (id:240335) triggered by 152.241.69.76 (152-241-69-76.user.vivozap.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 02:38:39.556201 2026] [security2:error] [pid 23450:tid 23450] [client 152.241.69.76:60412] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 152.241.69.76 (+1 hits since last alert)|blindshine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blindshine.com"] [uri "/xmlrpc.php"] [unique_id "alHk76PGDyZd-1E8rgRSKAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-11 04:28:49
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack