๐ซ๐ท
dynamix
2026-07-05 11:04:54
(14 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 05:29:28
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 01:29:22.766076 2026] [security2:error] [pid 1992:tid 1992] [client 41.38.96.24:57967] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.38.96.24 (+1 hits since last alert)|cosplayculture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cosplayculture.com"] [uri "/xmlrpc.php"] [unique_id "aknrsoB0q6Ude8hTA52QsQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
ycoskun41
2026-07-05 00:29:33
(1 day ago)
fail2ban: plesk-modsecurity jail on genckocaeli.com
Web App Attack
Anonymous
2026-07-04 22:35:56
(1 day ago)
(wordpress) Failed wordpress login from 41.38.96.24 (EG/Egypt/-)
Brute-Force
๐ฌ๐ง
NotCool
2026-07-04 21:42:46
(1 day ago)
(XMLRPC) WP XMLPRC Attack 41.38.96.24 (EG/Egypt/-): 50 in the last 3600 secs
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 19:22:29
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 15:22:23.170459 2026] [security2:error] [pid 20854:tid 20854] [client 41.38.96.24:60174] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.38.96.24 (+1 hits since last alert)|bigholegolf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigholegolf.com"] [uri "/xmlrpc.php"] [unique_id "akldb6E3EMAlU7Ig2-0PxwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 18:40:27
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 14:40:19.157221 2026] [security2:error] [pid 816:tid 816] [client 41.38.96.24:54220] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cassialifesci.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cassialifesci.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aklTk_22kmJUTKzjCyjR0AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 18:10:44
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 14:10:37.688130 2026] [security2:error] [pid 20982:tid 20987] [client 41.38.96.24:53630] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.38.96.24 (+1 hits since last alert)|nimbll.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nimbll.com"] [uri "/xmlrpc.php"] [unique_id "aklMnZWXeqx-mQbiutrmfAAAAEM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 16:57:41
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 41.38.96.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 12:57:33.947937 2026] [security2:error] [pid 22089:tid 22089] [client 41.38.96.24:51116] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.38.96.24 (+1 hits since last alert)|lacycustombuilt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lacycustombuilt.com"] [uri "/xmlrpc.php"] [unique_id "akk7fX391vL5_kmZOF2WYQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack