๐ซ๐ท
masterguru
2026-07-04 15:16:50
(1 week ago)
(xmlrpc) Apache: Failed xmlrpc access from 103.125.128.34 (IN/India/-): 10 in the last 3600 secs (0- ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 103.125.128.34 (IN/India/-): 10 in the last 3600 secs (0-201)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-04 11:42:55
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 07:42:52.469433 2026] [security2:error] [pid 10213:tid 10213] [client 103.125.128.34:63798] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.128.34 (+1 hits since last alert)|kh6jim.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kh6jim.com"] [uri "/xmlrpc.php"] [unique_id "akjxvN8Q2JGkLXhfUi1u5wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-04 11:38:10
(1 week ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 10:43:34
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 06:43:28.983749 2026] [security2:error] [pid 29421:tid 29421] [client 103.125.128.34:54787] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.128.34 (+1 hits since last alert)|clayrivers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "clayrivers.com"] [uri "/xmlrpc.php"] [unique_id "akjj0LpENlPsvvWFM9ih6QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-04 07:05:57
(1 week ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/-
Web App Attack
Anonymous
2026-07-04 04:34:40
(1 week ago)
Attac
Brute-Force
๐ฆ๐บ
clapper
2026-07-03 04:39:29
(1 week ago)
(mod_security) mod_security (id:350202) triggered by 103.125.128.34 (IN/India/-): 5 in the last 600 ...
show more
(mod_security) mod_security (id:350202) triggered by 103.125.128.34 (IN/India/-): 5 in the last 600 secs; ID: rub
show less
Brute-Force
Bad Web Bot
Anonymous
2026-07-03 04:38:40
(1 week ago)
(wordpress) Failed wordpress login from 103.125.128.34 (IN/India/-)
Brute-Force
๐ฒ๐พ
Rizzy
2026-07-03 04:08:34
(1 week ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
oralunal
2026-07-02 11:04:10
(1 week ago)
IP banned by Fail2Ban in jail its-suss access.log mvfnds
...
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:32:11
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:32:08.440470 2026] [security2:error] [pid 31795:tid 31795] [client 103.125.128.34:56082] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.128.34 (+1 hits since last alert)|drwolberg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drwolberg.com"] [uri "/xmlrpc.php"] [unique_id "akYiCGKAP_vf0z2MdMdt-gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-02 08:26:20
(1 week ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:03:08
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:03:01.854380 2026] [security2:error] [pid 26232:tid 26306] [client 103.125.128.34:52290] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.128.34 (+1 hits since last alert)|tkfay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tkfay.com"] [uri "/xmlrpc.php"] [unique_id "akYbNbDyAUp9TvkxcK0tWgAAAI4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 05:30:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.125.128.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:30:52.138160 2026] [security2:error] [pid 30946:tid 30946] [client 103.125.128.34:62893] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.125.128.34 (+1 hits since last alert)|lumentravel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lumentravel.com"] [uri "/xmlrpc.php"] [unique_id "akX3jOgs0r-E-dO8zCII7QAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 05:29:24
(1 week ago)
Bad Web Bot
Web App Attack