๐บ๐ธ
TPI-Abuse
2026-07-14 21:23:21
(7 hours ago)
(mod_security) mod_security (id:240335) triggered by 153.117.1.165 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 153.117.1.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 17:23:08.168694 2026] [security2:error] [pid 4666:tid 4666] [client 153.117.1.165:21563] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 153.117.1.165 (+1 hits since last alert)|globaldentalservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "alaovBTnBbWmKHPMNeYz-wAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Dolphi
2026-07-13 17:00:04
(1 day ago)
Excessive POST /xmlrpc.php requests
Brute-Force
Web App Attack
Anonymous
2026-07-13 16:45:56
(1 day ago)
[da.kdns.gr] httpd-xmlrpc-post: sites=www.xamogelo.edu.gr; logs=/var/log/httpd/domains/xamogelo.edu. ...
show more
[da.kdns.gr] httpd-xmlrpc-post: sites=www.xamogelo.edu.gr; logs=/var/log/httpd/domains/xamogelo.edu.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-13 16:12:29
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 15:43:13
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 153.117.1.165 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 153.117.1.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 11:43:02.378531 2026] [security2:error] [pid 21171:tid 21171] [client 153.117.1.165:21330] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 153.117.1.165 (+1 hits since last alert)|midway-island.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "midway-island.com"] [uri "/xmlrpc.php"] [unique_id "alUHhjj2EWCK7tkGUxvVjwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-13 15:41:26
(1 day ago)
Wordpress Vunerability attack
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-13 12:57:35
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
rh24
2026-07-13 11:53:20
(1 day ago)
(wordpress) Failed wordpress login from 153.117.1.165 (PK/Pakistan/-): (CF_ENABLE)
Brute-Force
Anonymous
2026-07-12 18:30:21
(2 days ago)
Fail2ban filtered
...
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 17:04:56
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 153.117.1.165 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 153.117.1.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 13:04:45.333087 2026] [security2:error] [pid 9990:tid 9990] [client 153.117.1.165:20630] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 153.117.1.165 (+1 hits since last alert)|davesievers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "davesievers.com"] [uri "/xmlrpc.php"] [unique_id "alPJLU2FK_1B5PTK4tcQjAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 13:10:16
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 153.117.1.165 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 153.117.1.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 09:10:02.716902 2026] [security2:error] [pid 4270:tid 4270] [client 153.117.1.165:20355] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 153.117.1.165 (+1 hits since last alert)|d365geek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d365geek.com"] [uri "/xmlrpc.php"] [unique_id "alOSKgBu8rnJF9URZ5GvgAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-07-12 11:50:11
(2 days ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-12 11:46:35
(2 days ago)
153.117.1.165 - - [12/Jul/2026:1
...
Brute-Force
Anonymous
2026-07-12 11:15:40
(2 days ago)
[redacted] 153.117.1.165 - - [12/Jul/2026:13:14:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 153.117.1.165 - - [12/Jul/2026:13:14:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)"
[redacted] 153.117.1.165 - - [12/Jul/2026:13:15:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 153.117.1.165 - - [12/Jul/2026:13:15:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 153.117.1.165 - - [12/Jul/2026:13:15:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 153.117.1.165 - - [12/Jul/2026:13:15:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-11 11:05:13
(3 days ago)
Bad Web Bot
Web App Attack