Anonymous
2026-07-14 21:52:58
(15 hours ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 19:52:38
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:52:35.691837 2026] [security2:error] [pid 19050:tid 19050] [client 91.140.63.207:50230] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.140.63.207 (+1 hits since last alert)|pharmaceuticalsalescertifications.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pharmaceuticalsalescertifications.com"] [uri "/xmlrpc.php"] [unique_id "alaTg6Tpa3SO7MyH1c_BZwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 16:46:03
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 12:45:59.047603 2026] [security2:error] [pid 23332:tid 23332] [client 91.140.63.207:50547] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.140.63.207 (+1 hits since last alert)|bfpsamoa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bfpsamoa.com"] [uri "/xmlrpc.php"] [unique_id "alZnx0kd6MMOeHsdcInPeQAAADI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-13 22:02:23
(1 day ago)
POST /xmlrpc.php [13/Jul/2026:07:24:11
Web App Attack
Brute-Force
๐ณ๐ฑ
Site.eu
2026-07-13 21:14:09
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
dynamix
2026-07-13 18:26:41
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-13 17:26:31
(1 day ago)
(wordpress) Failed wordpress login from 91.140.63.207 (GR/Greece/adsl-207.91.140.63.tellas.gr)
Brute-Force
Anonymous
2026-07-13 16:31:09
(1 day ago)
91.140.63.207 - - [13/Jul/2026:18:30:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by W ...
show more
91.140.63.207 - - [13/Jul/2026:18:30:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
91.140.63.207 - - [13/Jul/2026:18:30:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
91.140.63.207 - - [13/Jul/2026:18:30:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com"
91.140.63.207 - - [13/Jul/2026:18:30:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com"
91.140.63.207 - - [13/Jul/2026:18:31:09 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.0; WordPress/6.1; http://site58581056.com"
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-13 04:30:06
(2 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 02:29:09
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:29:03.044493 2026] [security2:error] [pid 27304:tid 27304] [client 91.140.63.207:57308] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.140.63.207 (+1 hits since last alert)|aroilcontrolsystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aroilcontrolsystem.com"] [uri "/xmlrpc.php"] [unique_id "alRNbyMSiVXIXvJG2_vbWQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 22:57:03
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 18:56:55.471720 2026] [security2:error] [pid 2433531:tid 2433531] [client 91.140.63.207:1781] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.140.63.207 (+1 hits since last alert)|smilingorc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "smilingorc.com"] [uri "/xmlrpc.php"] [unique_id "alQbtwlIydYWWCUm3W24swAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 21:54:48
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 17:54:44.508913 2026] [security2:error] [pid 17683:tid 17683] [client 91.140.63.207:51166] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.140.63.207 (+1 hits since last alert)|rodzillacharters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodzillacharters.com"] [uri "/xmlrpc.php"] [unique_id "alQNJJV6HXFb5WEaRuQV9gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-12 21:21:36
(2 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-12 17:58:44
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 91.140.63.207 (adsl-207.91.140.63.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 13:58:38.948964 2026] [security2:error] [pid 2773:tid 2773] [client 91.140.63.207:9815] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 91.140.63.207 (+1 hits since last alert)|limeroc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "limeroc.com"] [uri "/xmlrpc.php"] [unique_id "alPVzp5WPeTw-B6A1eDTuQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-07-12 16:15:11
(2 days ago)
Repeated attacks detected by Fail2Ban in recidive jail
Hacking