๐บ๐ธ
TPI-Abuse
2026-07-12 16:43:57
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 12:43:52.635435 2026] [security2:error] [pid 13339:tid 13339] [client 94.57.99.4:63236] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 94.57.99.4 (+1 hits since last alert)|lambert-heating-and-air.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lambert-heating-and-air.com"] [uri "/xmlrpc.php"] [unique_id "alPESL-Ec0RIpP9Z6vofMgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-07-12 16:20:12
(5 hours ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 09:51:30
(11 hours ago)
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 05:51:23.818852 2026] [security2:error] [pid 14573:tid 14573] [client 94.57.99.4:55156] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 94.57.99.4 (+1 hits since last alert)|ontimelogistiks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ontimelogistiks.com"] [uri "/xmlrpc.php"] [unique_id "alNjm27p3A8NhCVfqfVCrAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-07-12 03:57:36
(17 hours ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐ง๐ช
cmbplf
2026-07-12 03:02:52
(18 hours ago)
2.370 requests from abuseipdb.com blacklisted IP (1yr6mos2w)
Brute-Force
Bad Web Bot
๐ซ๐ท
SpaceHost-Server
2026-07-12 02:01:32
(19 hours ago)
94.57.99.4 - - [12/Jul/2026:04:01:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by Word ...
show more
94.57.99.4 - - [12/Jul/2026:04:01:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com"
94.57.99.4 - - [12/Jul/2026:04:01:20 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com"
94.57.99.4 - - [12/Jul/2026:04:01:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com"
show less
Hacking
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-12 01:46:04
(20 hours ago)
94.57.99.4 - - [12/Jul/2026:03:45:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by Word ...
show more
94.57.99.4 - - [12/Jul/2026:03:45:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com"
94.57.99.4 - - [12/Jul/2026:03:45:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "Jetpack by WordPress.com"
94.57.99.4 - - [12/Jul/2026:03:46:04 +0200] "POST /xmlrpc.php HTTP/1.1" 200 430 "-" "WordPress.com; https://wordpress.com"
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 01:16:58
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 21:16:51.107622 2026] [security2:error] [pid 21680:tid 21680] [client 94.57.99.4:51401] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 94.57.99.4 (+1 hits since last alert)|sutherlandyogastudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sutherlandyogastudio.com"] [uri "/xmlrpc.php"] [unique_id "alLrA1rD4bZZ_RrWnXvT4QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 20:42:09
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 16:42:05.812781 2026] [security2:error] [pid 18855:tid 18855] [client 94.57.99.4:56920] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 94.57.99.4 (+1 hits since last alert)|garantaconsulting.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "garantaconsulting.com"] [uri "/xmlrpc.php"] [unique_id "alKqnVs-LKWtXZNvFk2QzAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 19:10:22
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 15:10:14.379817 2026] [security2:error] [pid 25319:tid 25319] [client 94.57.99.4:54501] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 94.57.99.4 (+1 hits since last alert)|kidswow.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kidswow.com"] [uri "/xmlrpc.php"] [unique_id "alKVFuBjFM0sYavTOzCLQQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-11 08:25:57
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ช๐ธ
masterguru
2026-07-11 08:25:27
(1 day ago)
(xmlrpc) Failed xmlrpc access from 94.57.99.4 (AE/United Arab Emirates/-): 5 in the last 3600 secs ( ...
show more
(xmlrpc) Failed xmlrpc access from 94.57.99.4 (AE/United Arab Emirates/-): 5 in the last 3600 secs (0-122)
show less
Hacking
๐ฎ๐น
CoreTech srl
2026-07-11 07:45:24
(1 day ago)
ntopng alert: blacklisted_server_contact
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-11 01:38:48
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 94.57.99.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 21:38:39.859304 2026] [security2:error] [pid 24801:tid 24801] [client 94.57.99.4:57527] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 94.57.99.4 (+1 hits since last alert)|theamarals.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theamarals.com"] [uri "/xmlrpc.php"] [unique_id "alGen16WKZus4nMtptXH4gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-11 00:54:48
(1 day ago)
94.57.99.4 - - [11/Jul/2026:05:5
...
Brute-Force