๐บ๐ธ
TPI-Abuse
2026-07-16 00:23:47
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:23:34.894388 2026] [security2:error] [pid 15665:tid 15665] [client 61.9.8.233:44789] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 61.9.8.233 (+1 hits since last alert)|kiinlog.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kiinlog.com"] [uri "/xmlrpc.php"] [unique_id "algkhoSYdktKM_CucVMqpAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-15 10:43:05
(18 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-15 01:20:11
(1 day ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 00:53:10
(1 day ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 05:11:45
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 01:11:34.806617 2026] [security2:error] [pid 17058:tid 17062] [client 61.9.8.233:22884] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 61.9.8.233 (+1 hits since last alert)|pref-realestate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pref-realestate.com"] [uri "/xmlrpc.php"] [unique_id "alXFBkYe0tB5ZBfQXX5BqgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ท
dominioz
2026-07-13 20:47:49
(2 days ago)
2026-07-13 20:43:47 POST /xmlrpc.php - - 61.9.8.233 HTTP/1.1 WordPress.com;+https://wordpress.com - ...
show more
2026-07-13 20:43:47 POST /xmlrpc.php - - 61.9.8.233 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650
2026-07-13 20:45:05 POST /xmlrpc.php - - 61.9.8.233 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650
2026-07-13 20:46:33 POST /xmlrpc.php - - 61.9.8.233 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650
2026-07-13 20:47:39 POST /xmlrpc.php - - 61.9.8.233 HTTP/1.1 Jetpack+by+WordPress.com+(Jetpack+12.5;+WordPress+6.2) - 200 650
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 11:52:30
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:52:21.301599 2026] [security2:error] [pid 4053:tid 4053] [client 61.9.8.233:43078] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 61.9.8.233 (+1 hits since last alert)|the-it-man.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "the-it-man.com"] [uri "/xmlrpc.php"] [unique_id "alTRdfORYjWE-qESE45FLgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
konseptit
2026-07-13 01:23:21
(3 days ago)
(wordpress) Failed wordpress login from 61.9.8.233 (PH/Philippines/-)
Brute-Force
๐ซ๐ท
dynamix
2026-07-12 22:41:05
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-12 22:20:21
(3 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 22:02:06
(3 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-12 16:54:56
(3 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
PH/Philippines/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 15:37:27
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 11:37:14.693345 2026] [security2:error] [pid 4692:tid 4717] [client 61.9.8.233:64790] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 61.9.8.233 (+1 hits since last alert)|datuinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "datuinc.com"] [uri "/xmlrpc.php"] [unique_id "alO0qt8sxhqr8za0conoeQAAAJc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 08:05:31
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 61.9.8.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 04:05:20.426217 2026] [security2:error] [pid 12262:tid 12262] [client 61.9.8.233:64302] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 61.9.8.233 (+1 hits since last alert)|hotpay.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hotpay.co"] [uri "/xmlrpc.php"] [unique_id "alNKwLhbaqQUUY1hsjxL6QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-10 04:32:16
(1 month ago)
Attac
Brute-Force