๐บ๐ธ
integrantservices.com
2026-07-03 14:56:40
(9 hours ago)
(wordpress) Failed wordpress login from 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-03 12:45:01
(11 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): ...
show more
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:44:56.147808 2026] [security2:error] [pid 22217:tid 22227] [client 197.245.77.79:50999] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.245.77.79 (+1 hits since last alert)|metropaint.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "metropaint.net"] [uri "/xmlrpc.php"] [unique_id "akeuyKfwf8PImgD65rL1DgAAAIg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Kenshin869
2026-07-03 11:10:25
(13 hours ago)
Wordpress unauthorized access attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-03 10:43:37
(13 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): ...
show more
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 06:43:33.484265 2026] [security2:error] [pid 6678:tid 6678] [client 197.245.77.79:55994] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.245.77.79 (+1 hits since last alert)|edmestonfd.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edmestonfd.com"] [uri "/xmlrpc.php"] [unique_id "akeSVSFrfeSwq3_59ajbsgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-03 08:11:29
(16 hours ago)
(wordpress) Failed wordpress login from 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): (CF_ENABLE)
Brute-Force
๐ฆ๐บ
QT
2026-07-02 06:29:54
(1 day ago)
Unauthorised WordPress admin login attempted at 2026-07-02 16:29:53 +1000
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-01 14:44:32
(2 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
dynamix
2026-07-01 07:40:12
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:02:04
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): ...
show more
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:01:57.788432 2026] [security2:error] [pid 3507:tid 3507] [client 197.245.77.79:62349] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.245.77.79 (+1 hits since last alert)|stacyfarm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stacyfarm.com"] [uri "/xmlrpc.php"] [unique_id "akS7ZcD_Cn4nSVyB_R9idwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 13:29:20
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): ...
show more
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 09:29:16.158123 2026] [security2:error] [pid 11935:tid 11935] [client 197.245.77.79:53513] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.245.77.79 (+1 hits since last alert)|customhumanrobots.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "customhumanrobots.com"] [uri "/xmlrpc.php"] [unique_id "akJzLCg_UHdHNb6UPKVo9gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-29 12:56:21
(4 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
dynamix
2026-06-29 08:04:10
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 11:54:00
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): ...
show more
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 07:53:51.777758 2026] [security2:error] [pid 20562:tid 20562] [client 197.245.77.79:49881] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.245.77.79 (+1 hits since last alert)|soundtrax.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "soundtrax.net"] [uri "/xmlrpc.php"] [unique_id "aj5oT0N8Hxwhs0Ez6Dal9wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-25 15:00:02
(1 week ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 14:47:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): ...
show more
(mod_security) mod_security (id:240335) triggered by 197.245.77.79 (dsl-197-245-77-79.voxdsl.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:47:54.247325 2026] [security2:error] [pid 8428:tid 8428] [client 197.245.77.79:61655] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.245.77.79 (+1 hits since last alert)|modmove.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "modmove.com"] [uri "/xmlrpc.php"] [unique_id "aj0_mh-L7IMcCJCzC33mRAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack