๐บ๐ธ
TPI-Abuse
2026-07-07 14:11:45
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.219.38.46 (dynamic-adsl.movitel.co.mz): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 197.219.38.46 (dynamic-adsl.movitel.co.mz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 10:11:39.860291 2026] [security2:error] [pid 29299:tid 29299] [client 197.219.38.46:55199] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.219.38.46 (+1 hits since last alert)|visionremota.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "visionremota.info"] [uri "/xmlrpc.php"] [unique_id "ak0JG2_RKi0XDAuGJ05rSwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-07 13:46:18
(12 hours ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 13:40:49
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.219.38.46 (dynamic-adsl.movitel.co.mz): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 197.219.38.46 (dynamic-adsl.movitel.co.mz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 09:40:44.552539 2026] [security2:error] [pid 24607:tid 24623] [client 197.219.38.46:52262] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.219.38.46 (+1 hits since last alert)|tkfay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tkfay.com"] [uri "/xmlrpc.php"] [unique_id "ak0B3IpVs4WD6qYu0N36LwAAAIw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 13:38:44
(12 hours ago)
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 08:01:10
(18 hours ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-07 05:59:34
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.219.38.46 (dynamic-adsl.movitel.co.mz): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 197.219.38.46 (dynamic-adsl.movitel.co.mz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 01:59:29.050739 2026] [security2:error] [pid 11466:tid 11466] [client 197.219.38.46:61440] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.219.38.46 (+1 hits since last alert)|creationorevolution.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "creationorevolution.net"] [uri "/xmlrpc.php"] [unique_id "akyVwY0Byup191kyRLtDTgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Victor Lรณpez
2026-07-07 02:41:53
(23 hours ago)
babystudio4d.com 197.219.38.46 - - [06/Jul/2026:21:41:33 -0500] "POST /xmlrpc.php HTTP/1.1" 200 415 ...
show more
babystudio4d.com 197.219.38.46 - - [06/Jul/2026:21:41:33 -0500] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Jetpack by WordPress.com"
babystudio4d.com 197.219.38.46 - - [06/Jul/2026:21:41:42 -0500] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "WordPress.com; https://wordpress.com"
babystudio4d.com 197.219.38.46 - - [06/Jul/2026:21:41:53 -0500] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-07 01:26:03
(1 day ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-07-06 22:05:16
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-07-06 20:00:37
(1 day ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
integrantservices.com
2026-07-06 10:17:59
(1 day ago)
(wordpress) Failed wordpress login from 197.219.38.46 (MZ/Mozambique/dynamic-adsl.movitel.co.mz)
Brute-Force
๐บ๐ธ
WeekendWeb
2026-07-06 09:47:13
(1 day ago)
Wordpress Vunerability attack
Web App Attack