๐ซ๐ท
applemooz
2026-07-12 23:02:37
(9 hours ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-12 22:05:09
(10 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-12 19:28:55
(13 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
TR/Turkey/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 19:14:18
(13 hours ago)
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 15:14:10.974481 2026] [security2:error] [pid 14028:tid 14028] [client 176.236.199.166:57193] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 176.236.199.166 (+1 hits since last alert)|takeapawsboston.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "takeapawsboston.com"] [uri "/xmlrpc.php"] [unique_id "alPngkU229Kv1d1FlGOvoQAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 17:39:13
(15 hours ago)
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 13:39:09.591177 2026] [security2:error] [pid 26703:tid 26703] [client 176.236.199.166:56645] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 176.236.199.166 (+1 hits since last alert)|bzbdesigns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bzbdesigns.com"] [uri "/xmlrpc.php"] [unique_id "alPRPYhV0cvOm-kMv94z9AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 08:27:44
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 04:27:39.978392 2026] [security2:error] [pid 14865:tid 14974] [client 176.236.199.166:56517] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 176.236.199.166 (+1 hits since last alert)|bortec-corp.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bortec-corp.com"] [uri "/xmlrpc.php"] [unique_id "alNP--OJU-Bi1aFDujKrdwAAAIU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-12 04:15:07
(1 day ago)
(wordpress) Failed wordpress login from 176.236.199.166 (TR/Tรผrkiye/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-11 23:28:57
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 19:28:53.743315 2026] [security2:error] [pid 29335:tid 29335] [client 176.236.199.166:57384] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 176.236.199.166 (+1 hits since last alert)|theseoscribe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theseoscribe.com"] [uri "/xmlrpc.php"] [unique_id "alLRtaj6porTPo3bC8FekwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 22:48:28
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 18:48:22.758534 2026] [security2:error] [pid 5586:tid 5586] [client 176.236.199.166:56902] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 176.236.199.166 (+1 hits since last alert)|ultratecnologia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ultratecnologia.com"] [uri "/xmlrpc.php"] [unique_id "alLINu_H--RHjG96hLIRqAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-11 13:06:04
(1 day ago)
Trying to access config files
Web App Attack
๐ช๐ธ
masterguru
2026-07-11 04:48:14
(2 days ago)
(xmlrpc) Failed xmlrpc access from 176.236.199.166 (TR/Turkey/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-11 02:50:35
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 176.236.199.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 22:50:29.369789 2026] [security2:error] [pid 1034:tid 1034] [client 176.236.199.166:56962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 176.236.199.166 (+1 hits since last alert)|thereisaplaceonearth.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thereisaplaceonearth.com"] [uri "/xmlrpc.php"] [unique_id "alGvdUvzt9h1qizMXj3CRgAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-11 01:21:12
(2 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-11 01:10:35
(2 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-11 00:36:01
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack