๐บ๐ธ
lostswordfish.com
2026-07-19 04:06:03
(38 minutes ago)
Wordfence waf block on baystatereentrynetwork
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 00:01:27
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 20:01:22.334353 2026] [security2:error] [pid 1191271:tid 1191271] [client 5.193.64.52:60890] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.193.64.52 (+1 hits since last alert)|brandoncomputergeeks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "brandoncomputergeeks.com"] [uri "/xmlrpc.php"] [unique_id "alwT0txNeIhok2yikHcN8wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-18 12:23:08
(16 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ณ๐ฑ
ConsulHosting
2026-07-18 08:12:19
(20 hours ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 19:11:09
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 15:11:01.747758 2026] [security2:error] [pid 26988:tid 26988] [client 5.193.64.52:54814] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.193.64.52 (+1 hits since last alert)|denkyusalesca.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "denkyusalesca.com"] [uri "/xmlrpc.php"] [unique_id "alp-RQa96bih1SukPbsyYgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 17:59:17
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 13:59:10.841572 2026] [security2:error] [pid 8517:tid 8517] [client 5.193.64.52:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.193.64.52 (+1 hits since last alert)|bbproductionsonline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bbproductionsonline.com"] [uri "/xmlrpc.php"] [unique_id "alptbsEipcB2_oWJ07PMRgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TAY
2026-07-17 17:56:07
(1 day ago)
5.193.64.52 - - [18/Jul/2026:01:55:46 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5867 "-" "Jetpack/12.1; ...
show more
5.193.64.52 - - [18/Jul/2026:01:55:46 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5867 "-" "Jetpack/12.1; WordPress/6.1; http://site23335527.com"
5.193.64.52 - - [18/Jul/2026:01:55:56 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5867 "-" "Jetpack by WordPress.com"
5.193.64.52 - - [18/Jul/2026:01:56:07 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5867 "-" "WordPress.com; https://wordpress.com"
...
show less
Brute-Force
Anonymous
2026-07-17 15:22:10
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-17 12:19:18
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-17 09:19:41
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 05:19:35.388997 2026] [security2:error] [pid 10998:tid 10998] [client 5.193.64.52:54693] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.193.64.52 (+1 hits since last alert)|goseethenurse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goseethenurse.com"] [uri "/xmlrpc.php"] [unique_id "alnzp2769v8StH-hkMszBQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-17 08:18:54
(1 day ago)
(wordpress) Failed wordpress login from 5.193.64.52 (AE/United Arab Emirates/-): (CF_ENABLE)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-17 06:15:42
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:15:36.373785 2026] [security2:error] [pid 1435:tid 1435] [client 5.193.64.52:55082] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.193.64.52 (+1 hits since last alert)|innolympics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "innolympics.com"] [uri "/xmlrpc.php"] [unique_id "alnIiJD2vAyH7Vk2aO6DSQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-17 06:12:02
(1 day ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:28:16
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.193.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:28:08.484720 2026] [security2:error] [pid 16410:tid 16410] [client 5.193.64.52:54533] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.193.64.52 (+1 hits since last alert)|hawaiivacations.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hawaiivacations.com"] [uri "/xmlrpc.php"] [unique_id "alkwyB2gBNR8D7Rb5fptbgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 17:22:43
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack