๐บ๐ธ
ph
2026-07-12 14:42:04
(1 day ago)
Bad web bot attempting to run wp-login.php on non-WP site
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 12:08:30
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:08:26.889514 2026] [security2:error] [pid 5814:tid 5814] [client 182.9.35.231:18387] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.9.35.231 (+1 hits since last alert)|dwightbrown.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dwightbrown.com"] [uri "/xmlrpc.php"] [unique_id "ai6ZuoScFZ5OatkowZ7DDwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-14 10:36:25
(4 weeks ago)
[ns41.kdns.gr] httpd-xmlrpc-post: sites=kkourelis.gr; logs=/var/log/httpd/domains/kkourelis.gr.log; ...
show more
[ns41.kdns.gr] httpd-xmlrpc-post: sites=kkourelis.gr; logs=/var/log/httpd/domains/kkourelis.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ฉ๐ช
grassau.com
2026-06-14 10:35:46
(4 weeks ago)
(wordpress) Failed wordpress login from 182.9.35.231 (ID/Indonesia/North Sumatra/Medan/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-14 10:06:12
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:06:08.205539 2026] [security2:error] [pid 27980:tid 27980] [client 182.9.35.231:31331] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.9.35.231 (+1 hits since last alert)|cynosurehomeservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosurehomeservices.com"] [uri "/xmlrpc.php"] [unique_id "ai59EK4lem4CohhzX1163gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-14 04:35:58
(1 month ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-13 14:39:48
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 10:39:45.076638 2026] [security2:error] [pid 11026:tid 11026] [client 182.9.35.231:27275] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.9.35.231 (+1 hits since last alert)|geckoturner.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "geckoturner.com"] [uri "/xmlrpc.php"] [unique_id "ai1rsaXaTtv5nz9E_K0yvAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 06:52:32
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 02:52:23.994254 2026] [security2:error] [pid 25470:tid 25470] [client 182.9.35.231:35510] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.9.35.231 (+1 hits since last alert)|bigheartskitchen.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigheartskitchen.net"] [uri "/xmlrpc.php"] [unique_id "aiz-JywNGsVFPXeZwuwafwAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-06-13 06:19:57
(1 month ago)
(xmlrpc) Failed xmlrpc access from 182.9.35.231 (ID/Indonesia/-): 5 in the last 3600 secs (0-122)
Hacking
๐ง๐ช
cmbplf
2026-06-13 02:26:05
(1 month ago)
4.149 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-13 01:54:56
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 21:54:48.958543 2026] [security2:error] [pid 11002:tid 11002] [client 182.9.35.231:24444] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.9.35.231 (+1 hits since last alert)|3beeze.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "3beeze.com"] [uri "/xmlrpc.php"] [unique_id "aiy4aMNBHg8rwOOkhR-57AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 09:42:19
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 05:42:11.828316 2026] [security2:error] [pid 13892:tid 13892] [client 182.9.35.231:26642] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.9.35.231 (+1 hits since last alert)|goodfrequencies.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goodfrequencies.com"] [uri "/xmlrpc.php"] [unique_id "aivUc9-SU72qAALB2yYbSwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-11 09:58:53
(1 month ago)
Wordpress Vunerability attack
Web App Attack
๐ซ๐ท
dynamix
2026-06-11 09:27:51
(1 month ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 06:20:28
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 182.9.35.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 02:20:21.019661 2026] [security2:error] [pid 17938:tid 18034] [client 182.9.35.231:11660] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.9.35.231 (+1 hits since last alert)|artmarialeon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artmarialeon.com"] [uri "/xmlrpc.php"] [unique_id "aipTpdw-o_BYtBFwf997tQAAAII"]
show less
Brute-Force
Bad Web Bot
Web App Attack