๐ซ๐ท
dynamix
2026-07-07 14:01:01
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-07 12:11:47
(4 days ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-07 11:58:51
(4 days ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 11:49:13
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 07:49:04.277204 2026] [security2:error] [pid 23276:tid 23276] [client 202.47.42.209:43143] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.47.42.209 (+1 hits since last alert)|greensandbeans.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greensandbeans.us"] [uri "/xmlrpc.php"] [unique_id "akznsBTfdBKXkoPasL1ANwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 18:45:23
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 14:45:07.613982 2026] [security2:error] [pid 9049:tid 9049] [client 202.47.42.209:42928] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.47.42.209 (+1 hits since last alert)|telecompros.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "telecompros.net"] [uri "/xmlrpc.php"] [unique_id "akQOswTLXttN-YfxqwPXpgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 16:40:32
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:40:26.937452 2026] [security2:error] [pid 15209:tid 15209] [client 202.47.42.209:43107] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.47.42.209 (+1 hits since last alert)|incrp.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "incrp.org"] [uri "/xmlrpc.php"] [unique_id "akPxenKnhPtdD_f6N0CZWwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 15:21:19
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 11:21:14.158043 2026] [security2:error] [pid 21043:tid 21043] [client 202.47.42.209:42514] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.47.42.209 (+1 hits since last alert)|bluesbluff.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bluesbluff.com"] [uri "/xmlrpc.php"] [unique_id "akE76sGk91hJhxUtzOWYkgAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
QT
2026-06-28 14:47:53
(1 week ago)
Unauthorised WordPress admin login attempted at 2026-06-29 00:47:20 +1000
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 17:49:48
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.47.42.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 13:49:42.531462 2026] [security2:error] [pid 28409:tid 28409] [client 202.47.42.209:43449] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.47.42.209 (+1 hits since last alert)|rambleandprose.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rambleandprose.com"] [uri "/xmlrpc.php"] [unique_id "ajl1tqfGoDskI9k-KSW3fgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack