๐ฒ๐พ
Rizzy
2026-07-13 06:08:22
(6 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 05:07:30
(7 hours ago)
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.c ...
show more
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 01:07:23.142474 2026] [security2:error] [pid 30589:tid 30589] [client 89.148.40.73:63072] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 89.148.40.73 (+1 hits since last alert)|desdier.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desdier.com"] [uri "/xmlrpc.php"] [unique_id "alRyi-7BDYZYOVfF7ytn6AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 10:32:19
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.c ...
show more
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 06:32:12.669437 2026] [security2:error] [pid 26558:tid 26558] [client 89.148.40.73:61824] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 89.148.40.73 (+1 hits since last alert)|innovacionesnimba.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "innovacionesnimba.com"] [uri "/xmlrpc.php"] [unique_id "alNtLKU84rp_jxSEleAI4gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 10:28:37
(1 day ago)
[redacted] 89.148.40.73 - - [12/Jul/2026:12:27:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ...
show more
[redacted] 89.148.40.73 - - [12/Jul/2026:12:27:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site91363714.com"
[redacted] 89.148.40.73 - - [12/Jul/2026:12:28:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.2; http://site97969324.com"
[redacted] 89.148.40.73 - - [12/Jul/2026:12:28:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 89.148.40.73 - - [12/Jul/2026:12:28:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 89.148.40.73 - - [12/Jul/2026:12:28:36 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-12 10:10:05
(1 day ago)
Wordfence waf block on kcuar
Web App Attack
๐ซ๐ท
dynamix
2026-07-12 09:30:27
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-12 08:08:44
(1 day ago)
9.189 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 09:08:37
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.c ...
show more
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:08:30.431295 2026] [security2:error] [pid 18900:tid 18900] [client 89.148.40.73:5664] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 89.148.40.73 (+1 hits since last alert)|yogawithbubba.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yogawithbubba.com"] [uri "/xmlrpc.php"] [unique_id "ak9lDnk0z-MpXJYP5eMRdAAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 05:39:24
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.c ...
show more
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:39:16.104284 2026] [security2:error] [pid 17401:tid 17401] [client 89.148.40.73:50428] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 89.148.40.73 (+1 hits since last alert)|shhcenter.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shhcenter.com"] [uri "/xmlrpc.php"] [unique_id "ak80BEqTlpgMSx_oyb9_bQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-08 07:46:44
(5 days ago)
(xmlrpc) Apache: Failed xmlrpc access from 89.148.40.73 (BH/Bahrain/dynamic.ip.89.148.40.73.batelco. ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 89.148.40.73 (BH/Bahrain/dynamic.ip.89.148.40.73.batelco.com.bh): 10 in the last 3600 secs (0-201)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-08 06:04:25
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.c ...
show more
(mod_security) mod_security (id:240335) triggered by 89.148.40.73 (dynamic.ip.89.148.40.73.batelco.com.bh): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 02:04:16.942915 2026] [security2:error] [pid 13712:tid 13712] [client 89.148.40.73:1838] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 89.148.40.73 (+1 hits since last alert)|whiterapperz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whiterapperz.com"] [uri "/xmlrpc.php"] [unique_id "ak3oYGTFsRTMBKX6QYofcgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-07 06:36:13
(6 days ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)
Web App Attack
Anonymous
2026-07-05 06:02:54
(1 week ago)
[ns31.kdns.gr] httpd-xmlrpc-post: sites=www.teory.gr; logs=/var/log/httpd/domains/teory.gr.log; samp ...
show more
[ns31.kdns.gr] httpd-xmlrpc-post: sites=www.teory.gr; logs=/var/log/httpd/domains/teory.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-02 05:14:04
(1 week ago)
Wordfence waf block on pameganslaw
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-01 10:35:10
(1 week ago)
Wordpress Vunerability attack
Web App Attack