๐ฉ๐ช
LRob
2026-07-17 16:32:38
(7 hours ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.co ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 15:32:17
(8 hours ago)
(mod_security) mod_security (id:240335) triggered by 5.162.81.195 (dynamic.isp.ooredoo.om): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 5.162.81.195 (dynamic.isp.ooredoo.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 11:32:11.953205 2026] [security2:error] [pid 983573:tid 983573] [client 5.162.81.195:58272] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.162.81.195 (+1 hits since last alert)|globaldentalservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "alpK-xTnu553RoUqCjX1JQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
NotCool
2026-07-17 15:08:15
(8 hours ago)
(XMLRPC) WP XMLPRC Attack 5.162.81.195 (OM/Oman/dynamic.isp.ooredoo.om): 50 in the last 3600 secs
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:14:48
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.162.81.195 (dynamic.isp.ooredoo.om): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 5.162.81.195 (dynamic.isp.ooredoo.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:14:41.491697 2026] [security2:error] [pid 16780:tid 16780] [client 5.162.81.195:51012] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.162.81.195 (+1 hits since last alert)|pikespeakjazz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pikespeakjazz.com"] [uri "/xmlrpc.php"] [unique_id "alkfkb6wwPlMizBk8fEXeAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
factor1
2026-07-16 17:40:27
(1 day ago)
Fail2ban at churndash Reports Abuse.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:50:06
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.162.81.195 (dynamic.isp.ooredoo.om): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 5.162.81.195 (dynamic.isp.ooredoo.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:49:59.635455 2026] [security2:error] [pid 32565:tid 32565] [client 5.162.81.195:64017] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.162.81.195 (+1 hits since last alert)|webuychesterfieldhouses.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "webuychesterfieldhouses.com"] [uri "/xmlrpc.php"] [unique_id "alj9p32wxZbfIlJV8CeFNAAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 14:38:56
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.162.81.195 (dynamic.isp.ooredoo.om): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 5.162.81.195 (dynamic.isp.ooredoo.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:38:51.677914 2026] [security2:error] [pid 9563:tid 9563] [client 5.162.81.195:54864] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.162.81.195 (+1 hits since last alert)|prayers4america.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "prayers4america.com"] [uri "/xmlrpc.php"] [unique_id "aljs-4gmmeG7apFFlLHFqgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
n2nguyenn2nguyen
2026-07-16 13:35:32
(1 day ago)
Blocked by YFC Security on https://parcl9.com โ type: xmlrpc_attempts
Brute-Force
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-07-16 13:05:16
(1 day ago)
WordPress login attempt
Brute-Force
๐ฉ๐ช
Sรฉfora Srl
2026-07-16 13:02:39
(1 day ago)
Failed attempt detected by Fail2Ban in plesk-modsecurity jail
Web App Attack