๐ซ๐ท
masterguru
2026-07-14 09:44:25
(7 hours ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ซ๐ท
dynamix
2026-07-13 12:01:25
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 11:33:18
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:33:12.603435 2026] [security2:error] [pid 24281:tid 24281] [client 58.65.217.41:17334] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 58.65.217.41 (+1 hits since last alert)|telecompros.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "telecompros.net"] [uri "/xmlrpc.php"] [unique_id "alTM-NZkmr45hkjq-mpFOQAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 18:10:23
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 14:10:15.174756 2026] [security2:error] [pid 10678:tid 10678] [client 58.65.217.41:16545] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 58.65.217.41 (+1 hits since last alert)|tarekshohaieb.online|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tarekshohaieb.online"] [uri "/xmlrpc.php"] [unique_id "alKHB6HP_wvSmu5MmJYqzAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 18:53:56
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 14:53:52.990394 2026] [security2:error] [pid 24365:tid 24365] [client 58.65.217.41:16836] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 58.65.217.41 (+1 hits since last alert)|fernfield.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fernfield.com"] [uri "/xmlrpc.php"] [unique_id "alE_wCP7Hmoo1B5JGwoMdwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-07-10 18:40:17
(3 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 17:38:11
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 13:38:04.874982 2026] [security2:error] [pid 8113:tid 8139] [client 58.65.217.41:17285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 58.65.217.41 (+1 hits since last alert)|guitarprimer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "guitarprimer.com"] [uri "/xmlrpc.php"] [unique_id "ak_cfBHwNBc71ANA_DygTQAAAY8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-09 17:33:41
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-09 17:05:02
(5 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
PK/Pakistan/-
Web App Attack
๐ช๐ธ
masterguru
2026-07-09 15:48:50
(5 days ago)
(xmlrpc) Failed xmlrpc access from 58.65.217.41 (PK/Pakistan/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-06 05:50:10
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:50:00.445072 2026] [security2:error] [pid 1173:tid 1173] [client 58.65.217.41:17161] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 58.65.217.41 (+1 hits since last alert)|glassclublake.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "glassclublake.com"] [uri "/xmlrpc.php"] [unique_id "aktCCGIwr8HoiX-5KRgS2QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 18:33:35
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 14:33:31.740506 2026] [security2:error] [pid 5607:tid 5607] [client 58.65.217.41:16117] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 58.65.217.41 (+1 hits since last alert)|premierveterinarysurgery.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "premierveterinarysurgery.com"] [uri "/xmlrpc.php"] [unique_id "akqje06u7ctS-AjgNKSnpwAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 16:36:04
(1 week ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ช๐ธ
masterguru
2026-07-05 08:42:19
(1 week ago)
(xmlrpc) Failed xmlrpc access from 58.65.217.41 (PK/Pakistan/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 16:35:15
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 58.65.217.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:34:58.111622 2026] [security2:error] [pid 20189:tid 20189] [client 58.65.217.41:17721] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 58.65.217.41 (+1 hits since last alert)|bernsteinip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bernsteinip.com"] [uri "/xmlrpc.php"] [unique_id "akVBsvpmj0EthGcO86E7yQAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack