Anonymous
2026-07-04 06:07:07
(2 days ago)
Trying to access config files
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 16:59:03
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 197.186.18.47 (47-18-186-197.r.airtel.co.tz): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 197.186.18.47 (47-18-186-197.r.airtel.co.tz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 12:58:58.910422 2026] [security2:error] [pid 15376:tid 15376] [client 197.186.18.47:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.186.18.47 (+1 hits since last alert)|local639.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "local639.com"] [uri "/xmlrpc.php"] [unique_id "akaY0qd8fjjlMDBDia7wrgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 15:06:03
(3 days ago)
Trying to access config files
Web App Attack
π³π±
debestelapp
2026-07-02 14:40:07
(3 days ago)
Web App Attack
Anonymous
2026-07-02 06:40:10
(4 days ago)
Attac
Brute-Force
π«π·
applemooz
2026-07-02 05:51:17
(4 days ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
π¦πΊ
screwlooseit.com.au
2026-07-02 03:45:21
(4 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
TZ/Tanzania/47-18-186-197.r.airtel.co.tz
Web App Attack
π³π±
ConsulHosting
2026-07-01 17:14:30
(4 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
π³π±
Site.eu
2026-07-01 13:14:12
(4 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-07-01 08:50:06
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 197.186.18.47 (47-18-186-197.r.airtel.co.tz): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 197.186.18.47 (47-18-186-197.r.airtel.co.tz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:49:59.180611 2026] [security2:error] [pid 25457:tid 25457] [client 197.186.18.47:626] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.186.18.47 (+1 hits since last alert)|radicalchange.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "radicalchange.org"] [uri "/xmlrpc.php"] [unique_id "akTUt12vGGJJHXkcphQGMwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²πΎ
Rizzy
2026-07-01 05:41:47
(5 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
π¨π¦
polycoda
2026-07-01 05:34:22
(5 days ago)
AutoBlock: π WordPress Login Brute Force (20X or 30X) (Decay-Based)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-01 05:32:21
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 197.186.18.47 (47-18-186-197.r.airtel.co.tz): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 197.186.18.47 (47-18-186-197.r.airtel.co.tz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 01:32:14.563962 2026] [security2:error] [pid 20931:tid 20931] [client 197.186.18.47:5858] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.186.18.47 (+1 hits since last alert)|maffiniandbearce.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "maffiniandbearce.com"] [uri "/xmlrpc.php"] [unique_id "akSmXosjuV18OCzuBPbJxgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 04:41:10
(5 days ago)
Attac
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-30 21:36:46
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 197.186.18.47 (47-18-186-197.r.airtel.co.tz): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 197.186.18.47 (47-18-186-197.r.airtel.co.tz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:36:41.195619 2026] [security2:error] [pid 24944:tid 24944] [client 197.186.18.47:7540] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.186.18.47 (+1 hits since last alert)|texascottagebakers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "texascottagebakers.com"] [uri "/xmlrpc.php"] [unique_id "akQ26UdYkI7D7Ry1_q79AQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack