๐ซ๐ฎ
YF
2026-07-08 19:01:33
(3 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ณ๐ฑ
debestelapp
2026-07-08 19:01:26
(3 days ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 18:20:55
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.g ...
show more
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.gvt.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 14:20:51.486266 2026] [security2:error] [pid 18772:tid 18772] [client 179.179.217.166:51938] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 179.179.217.166 (+1 hits since last alert)|medusakenya.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "medusakenya.com"] [uri "/xmlrpc.php"] [unique_id "ak6VA1wqf8FWnA-mkv3bxAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 17:47:49
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.g ...
show more
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.gvt.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 13:47:43.389905 2026] [security2:error] [pid 24254:tid 24254] [client 179.179.217.166:52894] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 179.179.217.166 (+1 hits since last alert)|jerielster.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jerielster.com"] [uri "/xmlrpc.php"] [unique_id "ak6NP1H5pUjcdqzM7DS_5AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-08 17:17:44
(3 days ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 179.179.217.166 (BR/Brazil/179.179. ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 179.179.217.166 (BR/Brazil/179.179.217.166.dynamic.adsl.gvt.net.br): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
n2nguyenn2nguyen
2026-07-08 16:39:51
(4 days ago)
Blocked by YFC Security on https://fencingforward.com โ type: xmlrpc_attempts
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-08 16:37:20
(4 days ago)
17.496 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-08 15:56:32
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.g ...
show more
(mod_security) mod_security (id:225170) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.gvt.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 11:56:27.320600 2026] [security2:error] [pid 16465:tid 16465] [client 179.179.217.166:50863] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||activethinkers.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "activethinkers.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ak5zK6Bm876CcLW123OlSwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 15:17:16
(4 days ago)
[server.tmg.gr] httpd-xmlrpc-post: sites=www.geomed.gr; logs=/var/log/httpd/domains/geomed.gr.log; s ...
show more
[server.tmg.gr] httpd-xmlrpc-post: sites=www.geomed.gr; logs=/var/log/httpd/domains/geomed.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 14:10:00
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.g ...
show more
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.gvt.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 10:09:53.673810 2026] [security2:error] [pid 24502:tid 24502] [client 179.179.217.166:59468] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 179.179.217.166 (+1 hits since last alert)|lusineweb.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lusineweb.com"] [uri "/xmlrpc.php"] [unique_id "ak5aMbKsL9gX_mvsy10NpgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 13:39:02
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.g ...
show more
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.gvt.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 09:38:58.301661 2026] [security2:error] [pid 3181:tid 3181] [client 179.179.217.166:59921] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 179.179.217.166 (+1 hits since last alert)|pakistanvision.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pakistanvision.com"] [uri "/xmlrpc.php"] [unique_id "ak5S8qphGZgaqELaskW1ngAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 13:18:01
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.g ...
show more
(mod_security) mod_security (id:225170) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.gvt.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 09:17:57.445610 2026] [security2:error] [pid 3406:tid 3406] [client 179.179.217.166:64071] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||theopinionatedowl.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theopinionatedowl.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ak5OBevjoHfqYOo629XO-gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 13:01:13
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.g ...
show more
(mod_security) mod_security (id:240335) triggered by 179.179.217.166 (179.179.217.166.dynamic.adsl.gvt.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 09:01:07.275214 2026] [security2:error] [pid 28768:tid 28768] [client 179.179.217.166:55998] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 179.179.217.166 (+1 hits since last alert)|stop902.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stop902.org"] [uri "/xmlrpc.php"] [unique_id "ak5KE_I7osmVPKBGdl3mJgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-08 13:00:11
(4 days ago)
(wordpress) Failed wordpress login from 179.179.217.166 (BR/Brazil/179.179.217.166.dynamic.adsl.gvt. ...
show more
(wordpress) Failed wordpress login from 179.179.217.166 (BR/Brazil/179.179.217.166.dynamic.adsl.gvt.net.br)
show less
Brute-Force
๐ซ๐ท
Kenshin869
2026-07-07 20:51:20
(4 days ago)
Wordpress unauthorized access attempt
Brute-Force