๐บ๐ธ
TPI-Abuse
2026-07-07 12:48:33
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 74.244.129.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.129.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 08:48:26.898657 2026] [security2:error] [pid 6136:tid 6136] [client 74.244.129.197:6800] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.129.197 (+1 hits since last alert)|stop902.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stop902.org"] [uri "/xmlrpc.php"] [unique_id "akz1mk9KMt_4_MYjaJWBvgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
bazter.pro
2026-07-07 11:12:55
(1 day ago)
Fail2Ban: plesk-bot-aggressive - 15 failures
Port Scan
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Tripwire
2026-07-07 10:39:38
(2 days ago)
Probing for Wordpress - /xmlrpc.php
Brute-Force
Web App Attack
๐ฉ๐ช
Marc
2026-07-07 08:46:34
(2 days ago)
74.244.129.197 - - [07/Jul/2026:10:46:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 2390 "-" "Jetpack/12 ...
show more
74.244.129.197 - - [07/Jul/2026:10:46:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 2390 "-" "Jetpack/12.0; WordPress/6.2; http://site96165771.com" 74.244.129.197 - - [07/Jul/2026:10:46:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3456 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)" 74.244.129.197 - - [07/Jul/2026:10:46:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3457 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
show less
Brute-Force
Web App Attack
๐บ๐ธ
kosada.com
2026-07-07 08:16:18
(2 days ago)
Web vulnerability probing: /xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 05:13:00
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 74.244.129.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.129.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 01:12:56.628708 2026] [security2:error] [pid 9006:tid 9006] [client 74.244.129.197:15865] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.129.197 (+1 hits since last alert)|redlitephotos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "redlitephotos.com"] [uri "/xmlrpc.php"] [unique_id "akyK2NOsslxy9m-7JKoadwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-06 14:06:52
(2 days ago)
(xmlrpc_405) XMLRPC-Bot 405 74.244.129.197 (ZM/Zambia/-)
Hacking
Anonymous
2026-07-05 18:42:40
(3 days ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-05 16:40:49
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 74.244.129.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.129.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 12:40:45.197556 2026] [security2:error] [pid 407:tid 407] [client 74.244.129.197:10630] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.129.197 (+1 hits since last alert)|verdeprofundo.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "verdeprofundo.net"] [uri "/xmlrpc.php"] [unique_id "akqJDerD0WoIqWO9sPEbigAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 13:56:52
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 74.244.129.197 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 74.244.129.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 09:56:46.862357 2026] [security2:error] [pid 5908:tid 5908] [client 74.244.129.197:43803] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.244.129.197 (+1 hits since last alert)|integrabroadcast.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "integrabroadcast.com"] [uri "/xmlrpc.php"] [unique_id "akpiniIYBgXFaJP3oGJkBwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack