๐บ๐ธ
kosada.com
2026-07-13 13:35:31
(1 day ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ซ๐ท
masterguru
2026-07-06 08:27:29
(1 week ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ฉ๐ช
konseptit
2026-07-05 19:47:54
(1 week ago)
(wordpress) Failed wordpress login from 154.208.41.95 (PK/Pakistan/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-05 15:26:20
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 154.208.41.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.208.41.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 11:26:14.431860 2026] [security2:error] [pid 22202:tid 22202] [client 154.208.41.95:27374] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.208.41.95 (+1 hits since last alert)|benchmarkbcs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "benchmarkbcs.com"] [uri "/xmlrpc.php"] [unique_id "akp3lnRlNmtHMscIDnyjnQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-07-05 00:46:55
(1 week ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐จ๐ญ
backslash
2026-07-05 00:18:12
(1 week ago)
block ruleset WAF detection and high score on abuseIPDB 149EB1B42C242111FADBBC2EF8F90219570691E1
Bad Web Bot
๐ฒ๐น
Malta
2026-07-04 16:32:34
(1 week ago)
154.208.41.95 - - [04/Jul/2026:18:32:34 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https://w ...
show more
154.208.41.95 - - [04/Jul/2026:18:32:34 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https://wordpress.com"
show less
Hacking
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2026-07-04 03:51:16
(1 week ago)
154.208.41.95 - [04/Jul/2026:06:51:06 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "WordPress.com; ...
show more
154.208.41.95 - [04/Jul/2026:06:51:06 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "WordPress.com; https://wordpress.com" "-"
154.208.41.95 - [04/Jul/2026:06:51:15 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "Jetpack by WordPress.com" "-"
...
show less
Hacking
Brute-Force
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2026-07-04 03:34:48
(1 week ago)
154.208.41.95 - [04/Jul/2026:06:34:37 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "Jetpack by Wor ...
show more
154.208.41.95 - [04/Jul/2026:06:34:37 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "Jetpack by WordPress.com" "-"
154.208.41.95 - [04/Jul/2026:06:34:48 +0300] "POST /xmlrpc.php HTTP/1.1" 403 428 "-" "Jetpack by WordPress.com" "-"
...
show less
Hacking
Brute-Force
Web App Attack
๐ซ๐ท
Lunix
2026-07-03 23:15:04
(1 week ago)
Brute-Force
Web App Attack
๐ช๐ธ
masterguru
2026-07-03 17:14:50
(1 week ago)
(xmlrpc) Failed xmlrpc access from 154.208.41.95 (PK/Pakistan/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
kosada.com
2026-07-03 11:30:44
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฉ๐ช
4server
2026-07-03 08:09:54
(1 week ago)
[FriJul0310:09:52.3732892026][security2:error][pid4084358:tid4084470][client154.208.41.95:0]ModSecur ...
show more
[FriJul0310:09:52.3732892026][security2:error][pid4084358:tid4084470][client154.208.41.95:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"gualandi.ch\"][uri\"/xmlrpc.php\"][unique_id\"akduUMasEBjE9rVLtP_yxwAAAM8\"]
show less
Port Scan
Brute-Force
Web App Attack
Anonymous
2026-07-03 07:15:46
(1 week ago)
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.tentes-margaritis.gr; logs=/var/log/httpd/domains/tentes ...
show more
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.tentes-margaritis.gr; logs=/var/log/httpd/domains/tentes-margaritis.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 06:43:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 154.208.41.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.208.41.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:43:52.741536 2026] [security2:error] [pid 21353:tid 21404] [client 154.208.41.95:27282] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.208.41.95 (+1 hits since last alert)|peterhansenranch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "peterhansenranch.com"] [uri "/xmlrpc.php"] [unique_id "akdaKMpMXMNAe8Ides55tgAAAcw"]
show less
Brute-Force
Bad Web Bot
Web App Attack