Anonymous
2026-07-01 03:06:28
(15 hours ago)
Trying to access config files
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 14:56:07
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 156.204.124.128 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 156.204.124.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 10:56:03.146224 2026] [security2:error] [pid 19220:tid 19220] [client 156.204.124.128:50417] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 156.204.124.128 (+1 hits since last alert)|energycapitalinvestments.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "energycapitalinvestments.com"] [uri "/xmlrpc.php"] [unique_id "akPZA-dUbo8W-TbCo9w38QAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-30 12:22:40
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-06-30 10:13:26
(1 day ago)
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=kostaspriftis.gr; logs=/var/log/httpd/domains/kostaspriftis. ...
show more
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=kostaspriftis.gr; logs=/var/log/httpd/domains/kostaspriftis.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-30 07:41:47
(1 day ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 15:24:23
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 156.204.124.128 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 156.204.124.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 11:24:19.529186 2026] [security2:error] [pid 20867:tid 20876] [client 156.204.124.128:55335] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 156.204.124.128 (+1 hits since last alert)|frannykingsmith.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "frannykingsmith.com"] [uri "/xmlrpc.php"] [unique_id "akKOI9z95FKrSvGMMkLPVwAAAMc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-06-29 15:00:30
(2 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 14:55:34
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 156.204.124.128 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 156.204.124.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 10:55:29.122638 2026] [security2:error] [pid 26348:tid 26348] [client 156.204.124.128:63402] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 156.204.124.128 (+1 hits since last alert)|pulleasy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pulleasy.com"] [uri "/xmlrpc.php"] [unique_id "akKHYfwCpbCp3mqads0CwAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 10:06:04
(2 days ago)
Trying to access config files
Web App Attack
๐ฆ๐บ
clapper
2026-06-29 07:24:42
(2 days ago)
(mod_security) mod_security (id:350202) triggered by 156.204.124.128 (EG/Egypt/-): 5 in the last 600 ...
show more
(mod_security) mod_security (id:350202) triggered by 156.204.124.128 (EG/Egypt/-): 5 in the last 600 secs; ID: rub
show less
Brute-Force
Bad Web Bot
๐ฌ๐ง
NotCool
2026-06-28 09:57:05
(3 days ago)
(XMLRPC) WP XMLPRC Attack 156.204.124.128 (EG/Egypt/-): 50 in the last 3600 secs
Web App Attack