Anonymous
2026-07-07 03:36:03
(4 hours ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 02:40:07
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 22:39:56.584856 2026] [security2:error] [pid 23566:tid 23566] [client 202.69.42.10:53750] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.69.42.10 (+1 hits since last alert)|barigby.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "barigby.com"] [uri "/xmlrpc.php"] [unique_id "akxm_M2GNL68A6crKss6dQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-07 00:46:32
(7 hours ago)
(wordpress) Failed wordpress login from 202.69.42.10 (PK/Pakistan/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 22:48:49
(9 hours ago)
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 18:48:36.582487 2026] [security2:error] [pid 5530:tid 5530] [client 202.69.42.10:49242] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.69.42.10 (+1 hits since last alert)|lysedzija.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lysedzija.com"] [uri "/xmlrpc.php"] [unique_id "akwwxFRdU2zyONQYBHgzqAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 17:29:13
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 13:29:00.112297 2026] [security2:error] [pid 31562:tid 31562] [client 202.69.42.10:49950] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.69.42.10 (+1 hits since last alert)|smoothiessoupssalads.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "smoothiessoupssalads.com"] [uri "/xmlrpc.php"] [unique_id "akvl3K5hCa0oDXSi-_i6kQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-06 16:56:20
(15 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 16:09:21
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 12:09:10.683776 2026] [security2:error] [pid 24395:tid 24395] [client 202.69.42.10:61739] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.69.42.10 (+1 hits since last alert)|amywoodruff.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "amywoodruff.com"] [uri "/xmlrpc.php"] [unique_id "akvTJhlzf1mYy0Hu9OGvegAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 12:36:43
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 08:36:31.891966 2026] [security2:error] [pid 13932:tid 13932] [client 202.69.42.10:52499] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.69.42.10 (+1 hits since last alert)|velvetculture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "velvetculture.com"] [uri "/xmlrpc.php"] [unique_id "akuhT3leR1y3lsbNOadz6wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-06 11:06:02
(21 hours ago)
(xmlrpc) Failed xmlrpc access from 202.69.42.10 (PK/Pakistan/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-06 06:20:18
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 02:20:05.889854 2026] [security2:error] [pid 8174:tid 8174] [client 202.69.42.10:63286] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.69.42.10 (+1 hits since last alert)|yanlidesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yanlidesign.com"] [uri "/xmlrpc.php"] [unique_id "aktJFQGg214AJeN4S1r8LAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-06 04:35:34
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 02:58:25
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:58:11.805396 2026] [security2:error] [pid 16302:tid 16302] [client 202.69.42.10:55120] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.69.42.10 (+1 hits since last alert)|321q.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "321q.com"] [uri "/xmlrpc.php"] [unique_id "aksZwyZzoZItLTZtLk81lgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-06 00:54:33
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
YF
2026-07-05 19:10:14
(1 day ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-05 18:45:29
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 202.69.42.10 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 14:45:15.628924 2026] [security2:error] [pid 25224:tid 25224] [client 202.69.42.10:55966] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.69.42.10 (+1 hits since last alert)|medusakenya.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "medusakenya.com"] [uri "/xmlrpc.php"] [unique_id "akqmO7Go-S39yuNaurB-lQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack