๐ฌ๐ง
Apache
2026-07-13 12:36:47
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (IN/India/-): 5 in the last 300 s ...
show more
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (IN/India/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐ฉ๐ช
LRob
2026-07-13 05:56:07
(1 day ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPr ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)","Jetpack/12.1; WordPress/6.4; http://site81884659.com","Jetpack/12.0; WordPress/6.1; http://
show less
Brute-Force
Web App Attack
Anonymous
2026-07-13 04:42:15
(1 day ago)
(wordpress) Failed wordpress login from 175.101.99.42 (IN/India/Andhra Pradesh/Vijayawada/-/[redacte ...
show more
(wordpress) Failed wordpress login from 175.101.99.42 (IN/India/Andhra Pradesh/Vijayawada/-/[redacted])
show less
Brute-Force
Anonymous
2026-06-19 15:07:52
(3 weeks ago)
[redacted] 175.101.99.42 - - [19/Jun/2026:17:07:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ...
show more
[redacted] 175.101.99.42 - - [19/Jun/2026:17:07:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 175.101.99.42 - - [19/Jun/2026:17:07:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
[redacted] 175.101.99.42 - - [19/Jun/2026:17:07:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)"
[redacted] 175.101.99.42 - - [19/Jun/2026:17:07:38 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
[redacted] 175.101.99.42 - - [19/Jun/2026:17:07:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐ช๐ธ
masterguru
2026-06-19 08:27:26
(3 weeks ago)
(xmlrpc) Failed xmlrpc access from 175.101.99.42 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-19 07:12:17
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 03:12:10.041987 2026] [security2:error] [pid 15265:tid 15265] [client 175.101.99.42:51082] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 175.101.99.42 (+1 hits since last alert)|theroyalhouseofelohim.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theroyalhouseofelohim.org"] [uri "/xmlrpc.php"] [unique_id "ajTrynclMpLwG4bpZkXunAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 06:42:39
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 02:42:33.028306 2026] [security2:error] [pid 20215:tid 20215] [client 175.101.99.42:23593] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 175.101.99.42 (+1 hits since last alert)|egelfitness.nl|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "egelfitness.nl"] [uri "/xmlrpc.php"] [unique_id "ajTk2eXHZ4P7j-_PcjwreAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 04:05:10
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 00:05:06.905973 2026] [security2:error] [pid 12362:tid 12426] [client 175.101.99.42:55565] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 175.101.99.42 (+1 hits since last alert)|dbestcarting.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dbestcarting.com"] [uri "/xmlrpc.php"] [unique_id "ajS_8ojX89FIpFH4DYYP-AAAAFc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-05-28 11:57:13
(1 month ago)
Web vulnerability probing: /xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-28 07:45:53
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 03:45:47.090062 2026] [security2:error] [pid 22381:tid 22381] [client 175.101.99.42:58490] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 175.101.99.42 (+1 hits since last alert)|midcityrotary.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "midcityrotary.org"] [uri "/xmlrpc.php"] [unique_id "ahfyqwxDeg7UhjMz8nzy_wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-28 06:13:14
(1 month ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-28 05:45:05
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 175.101.99.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 01:45:00.382224 2026] [security2:error] [pid 11398:tid 11398] [client 175.101.99.42:23496] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 175.101.99.42 (+1 hits since last alert)|xyncom.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "xyncom.com"] [uri "/xmlrpc.php"] [unique_id "ahfWXPUMkRpJSXRWfbjawgAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
Johan Finn
2025-12-02 05:22:43
(7 months ago)
malicious activity
Web App Attack
๐ณ๐ฑ
exxos
2025-08-20 12:03:01
(10 months ago)
http-no-verb
Hacking
๐บ๐ธ
Zandro
2025-08-20 07:37:03
(10 months ago)
alicloud harvester
Bad Web Bot