๐ณ๐ฑ
debestelapp
2026-07-03 20:55:06
(1 hour ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:31:40
(3 hours ago)
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:31:32.873052 2026] [security2:error] [pid 31920:tid 31920] [client 74.90.228.119:57373] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.90.228.119 (+1 hits since last alert)|portlunchgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "portlunchgroup.com"] [uri "/xmlrpc.php"] [unique_id "akgOFPZy1feIuYSD5tacDQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
applemooz
2026-07-03 17:45:36
(5 hours ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 20:25:10
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 16:25:04.776781 2026] [security2:error] [pid 2775:tid 2775] [client 74.90.228.119:60574] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.90.228.119 (+1 hits since last alert)|stinsonbeachsurfandkayak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stinsonbeachsurfandkayak.com"] [uri "/xmlrpc.php"] [unique_id "akbJIH3Q39txwcEHhNFxYwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 23:46:51
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 19:46:46.269289 2026] [security2:error] [pid 16787:tid 16787] [client 74.90.228.119:56117] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.90.228.119 (+1 hits since last alert)|opticasprisma.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "opticasprisma.com"] [uri "/xmlrpc.php"] [unique_id "akWm5pn4fPAF9U495YmACgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 22:34:08
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:34:02.827488 2026] [security2:error] [pid 27487:tid 27487] [client 74.90.228.119:60838] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||doreenkimura.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "doreenkimura.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akWV2sR-uidyp0qqmRu50AAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:48:11
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:48:06.557795 2026] [security2:error] [pid 4293:tid 4293] [client 74.90.228.119:56959] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.90.228.119 (+1 hits since last alert)|lambert-heating-and-air.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lambert-heating-and-air.com"] [uri "/xmlrpc.php"] [unique_id "akTGNqpvoWtgMiEy_70djgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:15:13
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:15:06.349336 2026] [security2:error] [pid 18131:tid 18253] [client 74.90.228.119:56862] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.90.228.119 (+1 hits since last alert)|grupojdg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "grupojdg.com"] [uri "/xmlrpc.php"] [unique_id "akS-eiP-D0v3s3z9kvYE1AAAAc8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Sรฉfora Srl
2026-07-01 06:03:08
(2 days ago)
Failed attempt detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 04:11:56
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 00:11:49.991053 2026] [security2:error] [pid 26167:tid 26184] [client 74.90.228.119:54210] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.90.228.119 (+1 hits since last alert)|maroontribe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "maroontribe.com"] [uri "/xmlrpc.php"] [unique_id "akSThdhlBeNFAVDwlqvQogAAAEw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-01 04:09:57
(2 days ago)
(xmlrpc) Failed xmlrpc access from 74.90.228.119 (US/United States/ool-4a5ae477.dyn.optonline.net): ...
show more
(xmlrpc) Failed xmlrpc access from 74.90.228.119 (US/United States/ool-4a5ae477.dyn.optonline.net): 5 in the last 3600 secs (0-122)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-30 01:45:35
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 21:45:31.709590 2026] [security2:error] [pid 20668:tid 20668] [client 74.90.228.119:49185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.90.228.119 (+1 hits since last alert)|carolinafootprints.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "carolinafootprints.com"] [uri "/xmlrpc.php"] [unique_id "akMfu_SZB3wW99MJdp72zgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-06-30 00:56:54
(3 days ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 74.90.228.119 (US/United States/ool ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 74.90.228.119 (US/United States/ool-4a5ae477.dyn.optonline.net): 1 in the last 3600 secs
show less
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-06-29 19:09:55
(4 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 17:02:07
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 74.90.228.119 (ool-4a5ae477.dyn.optonline.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 13:02:02.290189 2026] [security2:error] [pid 1831:tid 1917] [client 74.90.228.119:62834] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 74.90.228.119 (+1 hits since last alert)|executiveaccounting.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "executiveaccounting.net"] [uri "/xmlrpc.php"] [unique_id "akKlChYjukOXWNByCmadcQAAANg"]
show less
Brute-Force
Bad Web Bot
Web App Attack