๐บ๐ธ
TPI-Abuse
2026-07-13 13:44:25
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 59.96.223.135 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 59.96.223.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 09:44:16.685859 2026] [security2:error] [pid 28540:tid 28540] [client 59.96.223.135:55171] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 59.96.223.135 (+1 hits since last alert)|americanexportimport.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "americanexportimport.com"] [uri "/xmlrpc.php"] [unique_id "alTrsJioOfEEPz7SUCopHQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 10:08:28
(1 day ago)
[redacted] 59.96.223.135 - - [13/Jul/2026:12:07:41 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 59.96.223.135 - - [13/Jul/2026:12:07:41 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)"
[redacted] 59.96.223.135 - - [13/Jul/2026:12:07:52 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
[redacted] 59.96.223.135 - - [13/Jul/2026:12:08:03 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 59.96.223.135 - - [13/Jul/2026:12:08:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.2; http://site87813862.com"
[redacted] 59.96.223.135 - - [13/Jul/2026:12:08:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)"
...
show less
Hacking
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-13 03:49:19
(1 day ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-12 21:39:16
(1 day ago)
(wordpress) Failed wordpress login from 59.96.223.135 (IN/India/-)
Brute-Force
Anonymous
2026-07-12 21:39:16
(1 day ago)
[redacted] 59.96.223.135 - - [12/Jul/2026:23:38:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 59.96.223.135 - - [12/Jul/2026:23:38:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.3; http://site99117428.com"
[redacted] 59.96.223.135 - - [12/Jul/2026:23:38:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site81993998.com"
[redacted] 59.96.223.135 - - [12/Jul/2026:23:38:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.1; http://site76591752.com"
[redacted] 59.96.223.135 - - [12/Jul/2026:23:39:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 59.96.223.135 - - [12/Jul/2026:23:39:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 18:37:19
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 59.96.223.135 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 59.96.223.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 14:37:12.479544 2026] [security2:error] [pid 893:tid 908] [client 59.96.223.135:49804] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 59.96.223.135 (+1 hits since last alert)|sparkhypnotherapy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sparkhypnotherapy.com"] [uri "/xmlrpc.php"] [unique_id "alPe2KRscEzW6XwCYMH2PQAAAU0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 17:04:34
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 59.96.223.135 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 59.96.223.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 13:04:27.107505 2026] [security2:error] [pid 12480:tid 12480] [client 59.96.223.135:53719] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 59.96.223.135 (+1 hits since last alert)|warpedweed.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "warpedweed.com"] [uri "/xmlrpc.php"] [unique_id "alPJG4wci-VFdnl9Kn4ygQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-12 17:03:25
(1 day ago)
(wordpress) Failed wordpress login from 59.96.223.135 (IN/India/-): (CF_ENABLE)
Brute-Force
๐ฉ๐ช
ghostwarriors
2026-07-12 16:50:22
(1 day ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 16:39:30
(1 day ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐บ๐ธ
cybsecaoccol
2024-08-10 03:56:49
(1 year ago)
unauthorized connection or malicious port scan attempted on tcp port - corp
Port Scan
Hacking