๐ซ๐ฎ
YF
2026-06-26 08:00:23
(1 week ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ช๐ธ
masterguru
2026-06-25 12:34:55
(1 week ago)
(xmlrpc) Failed xmlrpc access from 103.142.106.42 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
Anonymous
2026-06-25 08:25:37
(1 week ago)
Bad Web Bot
Web App Attack
Anonymous
2026-06-25 04:40:41
(1 week ago)
(wordpress) Failed wordpress login from 103.142.106.42 (IN/India/-)
Brute-Force
๐ณ๐ฑ
ConsulHosting
2026-06-24 13:18:58
(1 week ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
Anonymous
2026-06-24 12:31:05
(1 week ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 12:03:49
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 08:03:43.775723 2026] [security2:error] [pid 27482:tid 27482] [client 103.142.106.42:57620] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.142.106.42 (+1 hits since last alert)|kavahawaii.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kavahawaii.com"] [uri "/xmlrpc.php"] [unique_id "ajvHn3TVcr9BT0HLKRPNgAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 11:31:42
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 07:31:38.066436 2026] [security2:error] [pid 4254:tid 4254] [client 103.142.106.42:63935] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.142.106.42 (+1 hits since last alert)|haverhillhouse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "haverhillhouse.com"] [uri "/xmlrpc.php"] [unique_id "ajvAGsnSv8v90l1evVII-AAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-24 10:29:32
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
lostswordfish.com
2026-06-24 10:28:06
(1 week ago)
Wordfence waf block on kcuar
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 07:29:28
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 03:29:21.857507 2026] [security2:error] [pid 31713:tid 31713] [client 103.142.106.42:61025] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.142.106.42 (+1 hits since last alert)|edmestonfd.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edmestonfd.com"] [uri "/xmlrpc.php"] [unique_id "ajuHUQ7hsWcdZO9XRcL5rAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-24 06:26:06
(1 week ago)
[redacted] 103.142.106.42 - - [24/Jun/2026:08:25:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ...
show more
[redacted] 103.142.106.42 - - [24/Jun/2026:08:25:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
[redacted] 103.142.106.42 - - [24/Jun/2026:08:25:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 103.142.106.42 - - [24/Jun/2026:08:25:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 103.142.106.42 - - [24/Jun/2026:08:25:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 103.142.106.42 - - [24/Jun/2026:08:26:05 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-06-24 05:55:12
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 05:25:59
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 01:25:52.536581 2026] [security2:error] [pid 17036:tid 17036] [client 103.142.106.42:63820] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.142.106.42 (+1 hits since last alert)|boaredraven.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "boaredraven.com"] [uri "/xmlrpc.php"] [unique_id "ajtqYJbeUPtQkShBJJSLrQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 11:36:53
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.142.106.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 07:36:50.110577 2026] [security2:error] [pid 23712:tid 23712] [client 103.142.106.42:60498] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.142.106.42 (+1 hits since last alert)|rajabarber.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rajabarber.com"] [uri "/xmlrpc.php"] [unique_id "ajpv0lWpQXYLM-eo8J6FlAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack