๐ซ๐ท
dynamix
2026-07-01 15:49:19
(4 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 18:01:18
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 79.45.76.153 (host-79-45-76-153.retail.telecomi ...
show more
(mod_security) mod_security (id:240335) triggered by 79.45.76.153 (host-79-45-76-153.retail.telecomitalia.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 14:01:13.955148 2026] [security2:error] [pid 13254:tid 13266] [client 79.45.76.153:53466] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.45.76.153 (+1 hits since last alert)|maroontribe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "maroontribe.com"] [uri "/xmlrpc.php"] [unique_id "akQEaUc1R63Mkn2oQPPr4wAAAIo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 12:33:18
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 79.45.76.153 (host-79-45-76-153.retail.telecomi ...
show more
(mod_security) mod_security (id:240335) triggered by 79.45.76.153 (host-79-45-76-153.retail.telecomitalia.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:33:10.714745 2026] [security2:error] [pid 22783:tid 22783] [client 79.45.76.153:57843] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.45.76.153 (+1 hits since last alert)|cynosurephotography.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosurephotography.com"] [uri "/xmlrpc.php"] [unique_id "akO3hiq3pR1HPgV1UXt3MAAAACk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 08:06:51
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 79.45.76.153 (host-79-45-76-153.retail.telecomi ...
show more
(mod_security) mod_security (id:240335) triggered by 79.45.76.153 (host-79-45-76-153.retail.telecomitalia.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:06:45.395742 2026] [security2:error] [pid 23744:tid 23744] [client 79.45.76.153:56652] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.45.76.153 (+1 hits since last alert)|doublenaughtspycar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doublenaughtspycar.com"] [uri "/xmlrpc.php"] [unique_id "akN5FZSqrw3uCfAvua575AAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-06-30 08:03:45
(1 day ago)
(wordpress) Failed wordpress login from 79.45.76.153 (IT/Italy/host-79-45-76-153.retail.telecomitali ...
show more
(wordpress) Failed wordpress login from 79.45.76.153 (IT/Italy/host-79-45-76-153.retail.telecomitalia.it)
show less
Brute-Force
Anonymous
2026-06-29 12:24:09
(2 days ago)
[redacted] 79.45.76.153 - - [29/Jun/2026:14:23:25 +0200] "POST /xmlrpc.php HTTP/1.1" 403 832 "-" "Je ...
show more
[redacted] 79.45.76.153 - - [29/Jun/2026:14:23:25 +0200] "POST /xmlrpc.php HTTP/1.1" 403 832 "-" "Jetpack by WordPress.com"
[redacted] 79.45.76.153 - - [29/Jun/2026:14:23:36 +0200] "POST /xmlrpc.php HTTP/1.1" 403 831 "-" "Jetpack/12.5; WordPress/6.2; http://site56936858.com"
[redacted] 79.45.76.153 - - [29/Jun/2026:14:23:47 +0200] "POST /xmlrpc.php HTTP/1.1" 403 832 "-" "Jetpack by WordPress.com"
[redacted] 79.45.76.153 - - [29/Jun/2026:14:23:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 832 "-" "WordPress.com; https://wordpress.com"
[redacted] 79.45.76.153 - - [29/Jun/2026:14:24:08 +0200] "POST /xmlrpc.php HTTP/1.1" 403 832 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
...
show less
Hacking
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-28 19:56:46
(3 days ago)
Wordpress Vunerability attack
Web App Attack
๐ซ๐ท
dynamix
2026-06-27 09:41:32
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2025-09-27 12:13:09
(9 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host