๐บ๐ธ
TPI-Abuse
2026-07-09 15:07:39
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:07:33.044024 2026] [security2:error] [pid 24431:tid 24431] [client 49.206.15.157:9480] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.206.15.157 (+1 hits since last alert)|freemanfoundationcle.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "freemanfoundationcle.org"] [uri "/xmlrpc.php"] [unique_id "ak-5NYukBnB1dY3o0jHCBgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-09 08:51:58
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 06:46:42
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 02:46:35.959264 2026] [security2:error] [pid 29408:tid 29408] [client 49.206.15.157:10169] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.206.15.157 (+1 hits since last alert)|pulleasy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pulleasy.com"] [uri "/xmlrpc.php"] [unique_id "ak9Dy1ShuloANF855rH8-gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-08 15:24:50
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-08 11:53:13
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-08 11:12:27
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:12:22.714741 2026] [security2:error] [pid 1649:tid 1649] [client 49.206.15.157:11128] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.206.15.157 (+1 hits since last alert)|mavikalem.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mavikalem.org"] [uri "/xmlrpc.php"] [unique_id "ak4wlqleyRxGD8fzBfqkawAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 09:57:54
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 15:05:47
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 11:05:38.492178 2026] [security2:error] [pid 12918:tid 12918] [client 49.206.15.157:10920] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.206.15.157 (+1 hits since last alert)|geckoturner.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "geckoturner.com"] [uri "/xmlrpc.php"] [unique_id "ak0Vwt_5_ckDK5Y1P2uW8wAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-07 08:46:36
(3 days ago)
(wordpress) Failed wordpress login from 49.206.15.157 (IN/India/49.206.15.157.actcorp.in)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-07 06:06:24
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 02:06:16.772265 2026] [security2:error] [pid 30977:tid 30977] [client 49.206.15.157:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.206.15.157 (+1 hits since last alert)|avaliantlife.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avaliantlife.com"] [uri "/xmlrpc.php"] [unique_id "akyXWKdbmB1q9SnChWU7MwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-06 14:49:07
(3 days ago)
Wordpress Vunerability attack
Web App Attack
Anonymous
2026-07-06 10:35:06
(3 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 07:17:22
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:17:15.595073 2026] [security2:error] [pid 23448:tid 23448] [client 49.206.15.157:10823] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.206.15.157 (+1 hits since last alert)|sutherlandyogastudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sutherlandyogastudio.com"] [uri "/xmlrpc.php"] [unique_id "aktWe-PIXoIx7THvBFXl5AAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 04:46:50
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 00:46:42.943813 2026] [security2:error] [pid 32016:tid 32016] [client 49.206.15.157:9686] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.206.15.157 (+1 hits since last alert)|roguetechscene.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechscene.com"] [uri "/xmlrpc.php"] [unique_id "akszMh4oDSwXhi0-Ra4OKQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 03:43:11
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 49.206.15.157 (49.206.15.157.actcorp.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 23:43:03.257676 2026] [security2:error] [pid 20622:tid 20622] [client 49.206.15.157:9743] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.206.15.157 (+1 hits since last alert)|method1.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "method1.net"] [uri "/xmlrpc.php"] [unique_id "akskR7FsMO-JZz6i-9WsZgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack