π«π·
dynamix
2026-07-14 21:10:00
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 20:01:32
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 16:01:26.086402 2026] [security2:error] [pid 26957:tid 26957] [client 5.192.152.29:59534] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.152.29 (+1 hits since last alert)|rotentendales.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rotentendales.com"] [uri "/xmlrpc.php"] [unique_id "alaVlkPmdRz_kJNG4Pq2pAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π¦
Dunham Support
2026-07-14 16:12:58
(1 day ago)
(wordpress) Failed wordpress login from 5.192.152.29 (AE/United Arab Emirates/-)
Brute-Force
πͺπΈ
masterguru
2026-07-14 14:09:09
(1 day ago)
(xmlrpc) Failed xmlrpc access from 5.192.152.29 (AE/United Arab Emirates/-): 5 in the last 3600 secs ...
show more
(xmlrpc) Failed xmlrpc access from 5.192.152.29 (AE/United Arab Emirates/-): 5 in the last 3600 secs (0-122)
show less
Hacking
Anonymous
2026-07-14 13:08:18
(1 day ago)
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 11:56:24
(1 day ago)
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.totzaki.gr; logs=/var/log/httpd/domains/totzaki.gr.log; ...
show more
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.totzaki.gr; logs=/var/log/httpd/domains/totzaki.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 11:24:41
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 07:24:37.077956 2026] [security2:error] [pid 26148:tid 26148] [client 5.192.152.29:46559] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.152.29 (+1 hits since last alert)|seskalee.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seskalee.com"] [uri "/xmlrpc.php"] [unique_id "alYcdd_gbOSZ0pcLNUrmFQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 09:53:29
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 05:53:20.986299 2026] [security2:error] [pid 10255:tid 10255] [client 5.192.152.29:54807] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.152.29 (+1 hits since last alert)|theyoungstrategist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theyoungstrategist.com"] [uri "/xmlrpc.php"] [unique_id "alYHEGyd6Oif2ImDzBW_HAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 06:49:20
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 02:49:16.436464 2026] [security2:error] [pid 16893:tid 16906] [client 5.192.152.29:54020] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.152.29 (+1 hits since last alert)|mtiminis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mtiminis.com"] [uri "/xmlrpc.php"] [unique_id "alXb7F5E0TCyQbYpsuS6vQAAAEo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 06:22:08
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.152.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 02:22:00.036993 2026] [security2:error] [pid 2959013:tid 2959013] [client 5.192.152.29:47891] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.152.29 (+1 hits since last alert)|technesa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "technesa.com"] [uri "/xmlrpc.php"] [unique_id "alXViJiFp6ZdqDtzcjM63AAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack