๐ช๐ธ
masterguru
2026-07-13 02:20:29
(4 days ago)
(xmlrpc) Failed xmlrpc access from 74.244.119.215 (GH/Ghana/-): 5 in the last 3600 secs (0-122)
Hacking
๐ฉ๐ช
ghostwarriors
2026-07-12 22:50:13
(4 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 22:49:32
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 18:49:27.798748 2026] [security2:error] [pid 12424:tid 12424] [client 74.244.119.215:20325] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.119.215 (+1 hits since last alert)|karenbernsteinlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "karenbernsteinlaw.com"] [uri "/xmlrpc.php"] [unique_id "alQZ950gyoVeyboHPqNLJwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 22:47:42
(4 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐บ๐ธ
factor1
2026-07-12 21:15:00
(4 days ago)
Fail2ban at saturn Reports Abuse.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 19:46:03
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 15:45:56.076810 2026] [security2:error] [pid 6534:tid 6534] [client 74.244.119.215:34605] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.119.215 (+1 hits since last alert)|creationorevolution.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "creationorevolution.net"] [uri "/xmlrpc.php"] [unique_id "alPu9AMCx_jvTESpzh5sSgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-07-12 19:13:46
(4 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPr ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com","WordPress.com; https://wordpress.com","Jetpack/12.5; WordPress/6.2; http://site98064970.com"]
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 18:13:12
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 14:13:05.731568 2026] [security2:error] [pid 14702:tid 14702] [client 74.244.119.215:46499] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.119.215 (+1 hits since last alert)|cliniquecavalancia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cliniquecavalancia.com"] [uri "/xmlrpc.php"] [unique_id "alPZMbPi0zP2RHFvnkzR9QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 14:56:26
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 10:56:19.314205 2026] [security2:error] [pid 14217:tid 14217] [client 74.244.119.215:11661] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.119.215 (+1 hits since last alert)|boaredraven.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "boaredraven.com"] [uri "/xmlrpc.php"] [unique_id "alOrE5CKHrTcS_zINs93NAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 13:14:48
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 09:14:42.320058 2026] [security2:error] [pid 13454:tid 13454] [client 74.244.119.215:59984] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.119.215 (+1 hits since last alert)|greatchristianadventure.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greatchristianadventure.com"] [uri "/xmlrpc.php"] [unique_id "alOTQnqc9QiVsJLtbjKlxQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 11:41:27
(5 days ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 07:58:49
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 03:58:42.957045 2026] [security2:error] [pid 5277:tid 5277] [client 74.244.119.215:45795] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.119.215 (+1 hits since last alert)|canebrakes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "canebrakes.com"] [uri "/xmlrpc.php"] [unique_id "alNJMmuAg8nyxaXmQo_H2gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-12 07:26:28
(5 days ago)
(wordpress) Failed wordpress login from 74.244.119.215 (GH/Ghana/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-12 05:43:23
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 74.244.119.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 01:43:15.108499 2026] [security2:error] [pid 24594:tid 24605] [client 74.244.119.215:30818] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ethicmark.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ethicmark.org"] [uri "/wp-json/wp/v2/users"] [unique_id "alMpcxggHJ8Lt3maNZbO3AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 05:12:04
(5 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack