๐บ๐ธ
TPI-Abuse
2026-07-13 20:47:31
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in t ...
show more
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 16:47:28.211422 2026] [security2:error] [pid 31658:tid 31658] [client 79.119.118.11:57060] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.119.118.11 (+1 hits since last alert)|thewhispertwins.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thewhispertwins.com"] [uri "/xmlrpc.php"] [unique_id "alVO4C3m5HbO7QFmd_qYxQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 19:48:02
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in t ...
show more
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 15:47:55.149242 2026] [security2:error] [pid 880:tid 1076] [client 79.119.118.11:54091] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.119.118.11 (+1 hits since last alert)|sweeneyzone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sweeneyzone.com"] [uri "/xmlrpc.php"] [unique_id "alVA60yORRVq7im_uBwcNQAAAVM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-13 15:17:44
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-12 21:50:10
(5 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 21:21:33
(5 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ซ๐ฎ
KnightIndustries
2026-07-12 15:13:35
(5 days ago)
2026-07-12T17:13:13.740226+02:00 milkyway wordpress(fawcettcomputerservices.com)[3142278]: XML-RPC a ...
show more
2026-07-12T17:13:13.740226+02:00 milkyway wordpress(fawcettcomputerservices.com)[3142278]: XML-RPC authentication failure for joshua from 79.119.118.11
2026-07-12T17:13:24.295415+02:00 milkyway wordpress(fawcettcomputerservices.com)[3142392]: XML-RPC authentication failure for joshua from 79.119.118.11
2026-07-12T17:13:34.902686+02:00 milkyway wordpress(fawcettcomputerservices.com)[3142276]: XML-RPC authentication failure for joshua from 79.119.118.11
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 10:02:16
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in t ...
show more
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 06:02:12.725712 2026] [security2:error] [pid 9660:tid 9660] [client 79.119.118.11:51259] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.119.118.11 (+1 hits since last alert)|seahattravel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seahattravel.com"] [uri "/xmlrpc.php"] [unique_id "alDDJIb3Zn2pZsFJp_T_YQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 19:59:39
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in t ...
show more
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:59:30.797228 2026] [security2:error] [pid 22884:tid 22884] [client 79.119.118.11:57909] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.119.118.11 (+1 hits since last alert)|roguetechink.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechink.com"] [uri "/xmlrpc.php"] [unique_id "ak6sIjic36LklvZKlxewKQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-08 12:50:46
(1 week ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-07 20:41:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in t ...
show more
(mod_security) mod_security (id:240335) triggered by 79.119.118.11 (79-119-118-11.rdsnet.ro): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 16:41:51.525654 2026] [security2:error] [pid 674:tid 674] [client 79.119.118.11:61140] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.119.118.11 (+1 hits since last alert)|bonegym.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bonegym.com"] [uri "/xmlrpc.php"] [unique_id "ak1kj6DCKaCycEN9sVI-kQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-07 16:04:14
(1 week ago)
(wordpress) Failed wordpress login from 79.119.118.11 (RO/Romania/79-119-118-11.rdsnet.ro)
Brute-Force
๐ณ๐ฑ
javierin
2026-07-07 15:33:38
(1 week ago)
79.119.118.11 - javierin.com - - [07/Jul/2026:15:32:06 +0000] "POST /xmlrpc.php HTTP/1.1" 503 19299 ...
show more
79.119.118.11 - javierin.com - - [07/Jul/2026:15:32:06 +0000] "POST /xmlrpc.php HTTP/1.1" 503 19299 "-" "Jetpack/12.1; WordPress/6.4; http://site15597171.com"
79.119.118.11 - javierin.com - - [07/Jul/2026:15:32:13 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18297 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)"
79.119.118.11 - javierin.com - - [07/Jul/2026:15:32:23 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpack by WordPress.com"
79.119.118.11 - javierin.com - - [07/Jul/2026:15:32:34 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)"
79.119.118.11 - javierin.com - - [07/Jul/2026:15:32:45 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "WordPress.com; https://wordpress.com"
79.119.118.11 - javierin.com - - [07/Jul/2026:15:32:55 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpack/12.1; WordPress/6.2; http://site46237296.com"
79.119.118.11 - javierin.com - - [07/Jul/2026:15:33:06 +0000] "POST /xmlrpc.php HTTP/1
...
show less
Brute-Force
Web App Attack