Anonymous
2026-07-02 20:48:13
(1 day ago)
Attac
Brute-Force
๐ฉ๐ช
Vegascosmetics
2026-07-02 18:25:56
(1 day ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐ฉ๐ช
konseptit
2026-07-02 14:46:33
(1 day ago)
(wordpress) Failed wordpress login from 103.179.124.40 (BD/Bangladesh/-)
Brute-Force
๐ฆ๐บ
QT
2026-07-02 14:40:14
(1 day ago)
Unauthorised WordPress admin login attempted at 2026-07-03 00:40:13 +1000
Web App Attack
Anonymous
2026-07-02 14:16:22
(1 day ago)
[da.kdns.gr] httpd-xmlrpc-post: sites=www.oro24.gr; logs=/var/log/httpd/domains/oro24.gr.log; sample ...
show more
[da.kdns.gr] httpd-xmlrpc-post: sites=www.oro24.gr; logs=/var/log/httpd/domains/oro24.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 21:20:32
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 103.179.124.40 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.179.124.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:20:24.212555 2026] [security2:error] [pid 26153:tid 26153] [client 103.179.124.40:61311] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.179.124.40 (+1 hits since last alert)|nypatriotcards.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nypatriotcards.com"] [uri "/xmlrpc.php"] [unique_id "akWEmBIRjfJ-oQkSKhW7sgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-30 13:03:40
(3 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐บ๐ธ
kosada.com
2026-06-29 11:50:04
(4 days ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ณ๐ฟ
Tripwire
2026-06-29 11:48:57
(4 days ago)
Probing for Wordpress - /xmlrpc.php
Brute-Force
Web App Attack
๐บ๐ธ
Dolphi
2026-06-29 08:20:03
(4 days ago)
Excessive POST /xmlrpc.php requests
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 02:07:52
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 103.179.124.40 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.179.124.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 22:07:48.747524 2026] [security2:error] [pid 26693:tid 26693] [client 103.179.124.40:54373] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.179.124.40 (+1 hits since last alert)|certifiedfarmersmarkets.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "certifiedfarmersmarkets.org"] [uri "/xmlrpc.php"] [unique_id "akHTdHHJAJ3YPMKsiR06_wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-06-29 02:05:48
(4 days ago)
(wordpress) Failed wordpress login from 103.179.124.40 (BD/Bangladesh/-): (CF_ENABLE)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-28 21:51:48
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 103.179.124.40 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.179.124.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:51:41.815803 2026] [security2:error] [pid 30545:tid 30545] [client 103.179.124.40:60008] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.179.124.40 (+1 hits since last alert)|stoughtonpipeandwelding.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stoughtonpipeandwelding.net"] [uri "/xmlrpc.php"] [unique_id "akGXbf4iscG0GeygYO7x2QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 20:50:57
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 103.179.124.40 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 103.179.124.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:50:52.055388 2026] [security2:error] [pid 20532:tid 20586] [client 103.179.124.40:59525] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.179.124.40 (+1 hits since last alert)|dwcmachining.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dwcmachining.com"] [uri "/xmlrpc.php"] [unique_id "akGJLPQ7UtKKFeVgutBfWwAAAkg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-06-28 13:21:36
(5 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
-
Web App Attack