๐บ๐ธ
TPI-Abuse
2026-07-05 18:45:11
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 160.154.233.60 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 160.154.233.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 14:45:07.919355 2026] [security2:error] [pid 6653:tid 6653] [client 160.154.233.60:37068] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 160.154.233.60 (+1 hits since last alert)|lahamradio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lahamradio.com"] [uri "/xmlrpc.php"] [unique_id "akqmMw6GncorXX7FYKIdrwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฏ๐ต
Valhalla
2026-07-05 18:32:43
(2 days ago)
/xmlrpc.php
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 14:39:42
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 160.154.233.60 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 160.154.233.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 10:39:35.901320 2026] [security2:error] [pid 5733:tid 5733] [client 160.154.233.60:40636] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 160.154.233.60 (+1 hits since last alert)|designingdestinynow.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "designingdestinynow.com"] [uri "/xmlrpc.php"] [unique_id "akpsp0fRQaDzuN_gHuCgsQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 07:55:19
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 160.154.233.60 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 160.154.233.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 03:55:12.215672 2026] [security2:error] [pid 4223:tid 4232] [client 160.154.233.60:35507] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 160.154.233.60 (+1 hits since last alert)|41bravo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "41bravo.com"] [uri "/xmlrpc.php"] [unique_id "akoN4LgwCZFwTrKnJEpLuAAAAMc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-05 07:05:44
(3 days ago)
(wordpress) Failed wordpress login from 160.154.233.60 (CI/Ivory Coast/-)
Brute-Force
๐ฒ๐พ
Rizzy
2026-07-05 06:10:18
(3 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-04 23:06:05
(3 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
CI/Ivory Coast/-
Web App Attack
Anonymous
2026-07-04 22:23:17
(3 days ago)
(wordpress) Failed wordpress login from 160.154.233.60 (CI/Ivory Coast/-)
Brute-Force
๐ซ๐ท
dynamix
2026-07-04 20:08:44
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฎ๐ฉ
hermawan
2024-08-19 15:35:49
(1 year ago)
[Mon Aug 19 20:03:22.086770 2024] [security2:error] [pid 834775:tid 127010319894080] [client 160.154 ...
show more
[Mon Aug 19 20:03:22.086770 2024] [security2:error] [pid 834775:tid 127010319894080] [client 160.154.233.60:29214] [client 160.154.233.60] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "image/heif" at REQUEST_HEADERS:Accept. [file "/etc/modsecurity/coreruleset-4.5.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "44"] [id "441001"] [msg " bot downloader image HEIF Format Only Safari support "] [data "Matched Data: image/heif found within REQUEST_HEADERS:Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/heif,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 request_line = GET /index.php/all-tags/1221 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/all-tags/1221"] [unique_id "ZsNCmn6YOTZYQ45XR4mq4gAA1w8"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[834791] [vcj37hBp8qs] [ZsNCmn6YOTZYQ45XR4mq4gAA1w8] keep_alive=[1] [2024-08-19 20:03:22.086774] [R:ZsNCmn6YOTZYQ4
...
show less
Hacking
Web App Attack
๐ฉ๐ช
niceshops.com
2023-05-08 11:31:10
(3 years ago)
Web Attack ([08/May/2023:13:31:07.231] GET /wp-login.php)
Web App Attack