๐บ๐ธ
TPI-Abuse
2026-07-02 07:21:56
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:21:52.112586 2026] [security2:error] [pid 365:tid 481] [client 64.137.210.148:23465] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 64.137.210.148 (+1 hits since last alert)|executiveconsultingpr.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "executiveconsultingpr.com"] [uri "/xmlrpc.php"] [unique_id "akYRkJkd5QvFhUiHTQlyIwAAAdY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 04:17:07
(22 hours ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 01:15:41
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 21:15:37.454968 2026] [security2:error] [pid 7522:tid 7522] [client 64.137.210.148:58724] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 64.137.210.148 (+1 hits since last alert)|iconconstructors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iconconstructors.com"] [uri "/xmlrpc.php"] [unique_id "akW7uUjquJFsEbI6ttGZSgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 00:13:44
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 20:13:41.226348 2026] [security2:error] [pid 11129:tid 11129] [client 64.137.210.148:18962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 64.137.210.148 (+1 hits since last alert)|mirai-labo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mirai-labo.com"] [uri "/xmlrpc.php"] [unique_id "akWtNQ8rhUFMqvil34PLqgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-01 23:04:12
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
tecnicorioja
2026-07-01 22:00:18
(1 day ago)
POST /xmlrpc.php [01/Jul/2026:05:16:38
Brute-Force
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-01 20:25:26
(1 day ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐จ๐ฆ
polycoda
2026-07-01 19:25:30
(1 day ago)
AutoBlock: ๐ WordPress Login Brute Force (20X or 30X) (Decay-Based)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 13:29:00
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:28:55.320615 2026] [security2:error] [pid 18032:tid 18032] [client 64.137.210.148:58481] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 64.137.210.148 (+1 hits since last alert)|thewhispertwins.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thewhispertwins.com"] [uri "/xmlrpc.php"] [unique_id "akUWF-YMuQSNklWENMEJ6wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 09:52:05
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 05:51:55.830540 2026] [security2:error] [pid 19980:tid 19980] [client 64.137.210.148:1360] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 64.137.210.148 (+1 hits since last alert)|rotentendales.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rotentendales.com"] [uri "/xmlrpc.php"] [unique_id "akTjO8nm-BUea5wT5F8FQAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 08:49:10
(1 day ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 08:07:06
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 64.137.210.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:07:02.427234 2026] [security2:error] [pid 14004:tid 14004] [client 64.137.210.148:14362] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 64.137.210.148 (+1 hits since last alert)|pharmaceuticalsalescertifications.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pharmaceuticalsalescertifications.com"] [uri "/xmlrpc.php"] [unique_id "akTKpmUFfHlOZY0YKNnGHwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-01 05:46:13
(1 day ago)
Try to access /xmlrpc.php
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-30 20:37:46
(2 days ago)
Wordpress Vunerability attack
Web App Attack
๐ซ๐ท
dynamix
2026-06-30 20:07:03
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack