๐ฒ๐พ
Rizzy
2026-07-11 07:57:12
(13 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฉ๐ช
LRob
2026-07-11 07:26:11
(13 hours ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPr ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)","WordPress.com; https://wordpress.com","Jetpack/13.0; WordPress/6.1; http://site91060451.com
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 06:46:28
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 02:46:21.759378 2026] [security2:error] [pid 3983028:tid 3983028] [client 37.28.45.235:15765] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.28.45.235 (+1 hits since last alert)|feministvoice.blog|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "feministvoice.blog"] [uri "/xmlrpc.php"] [unique_id "alHmvTlGHAeIVT87d8DBnAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 06:19:39
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 02:19:32.426577 2026] [security2:error] [pid 17598:tid 17598] [client 37.28.45.235:45135] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.28.45.235 (+1 hits since last alert)|bigislandhawaiirealestate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigislandhawaiirealestate.com"] [uri "/xmlrpc.php"] [unique_id "alHgdIsmA6jehhMY8cpN2gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-09 07:00:46
(2 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
WeekendWeb
2026-07-08 14:03:34
(3 days ago)
Wordpress Vunerability attack
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-07 15:00:06
(4 days ago)
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-06 22:02:25
(4 days ago)
POST /xmlrpc.php [06/Jul/2026:19:41:53
Web App Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 14:25:50
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 10:25:42.264852 2026] [security2:error] [pid 29848:tid 29848] [client 37.28.45.235:57011] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.28.45.235 (+1 hits since last alert)|insidepublications.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "insidepublications.com"] [uri "/xmlrpc.php"] [unique_id "aku65i4jc52qW1HN_oqV6AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 09:26:03
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 05:25:55.819532 2026] [security2:error] [pid 14126:tid 14140] [client 37.28.45.235:64136] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.28.45.235 (+1 hits since last alert)|browbrew.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "browbrew.com"] [uri "/xmlrpc.php"] [unique_id "akojI-D2nw7Th2bwvNh0PAAAAMI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 08:54:23
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 37.28.45.235 (dynamic.isp.ooredoo.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 04:54:18.169149 2026] [security2:error] [pid 23949:tid 23949] [client 37.28.45.235:61851] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.28.45.235 (+1 hits since last alert)|eileensharaga.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eileensharaga.com"] [uri "/xmlrpc.php"] [unique_id "akobuispyqG-Z3kebBFz_QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-04 07:13:11
(1 week ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
OM/Oman/dynamic.isp.ooredoo.om
Web App Attack