Anonymous
2026-07-01 07:27:10
(3 hours ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 05:40:39
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 103.181.62.71 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.181.62.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 01:40:30.682840 2026] [security2:error] [pid 4578:tid 4578] [client 103.181.62.71:56245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.181.62.71 (+1 hits since last alert)|wsspy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wsspy.com"] [uri "/xmlrpc.php"] [unique_id "akSoTqO0t7flZOLnEOegTwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-01 04:17:51
(6 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฆ๐บ
screwlooseit.com.au
2026-06-30 13:33:20
(20 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 04:26:25
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 103.181.62.71 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.181.62.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 00:26:17.917007 2026] [security2:error] [pid 30095:tid 30100] [client 103.181.62.71:64697] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.181.62.71 (+1 hits since last alert)|kemalinal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kemalinal.com"] [uri "/xmlrpc.php"] [unique_id "akNFaU27l-xU19PKt22k5gAAAQE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-06-30 01:33:03
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-06-29 12:06:04
(1 day ago)
Trying to access config files
Web App Attack
๐ซ๐ท
dynamix
2026-06-29 11:58:44
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 08:36:59
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 103.181.62.71 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.181.62.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:36:51.989112 2026] [security2:error] [pid 5207:tid 5207] [client 103.181.62.71:63133] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.181.62.71 (+1 hits since last alert)|frelsburg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "frelsburg.com"] [uri "/xmlrpc.php"] [unique_id "akIuoxAXo32rX_4UEuXWEAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-29 08:34:40
(2 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
Anonymous
2026-06-29 07:03:02
(2 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
Anonymous
2026-06-29 05:11:43
(2 days ago)
103.181.62.71 - - [29/Jun/2026:07:11:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
103.181.62.71 - - ...
show more
103.181.62.71 - - [29/Jun/2026:07:11:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
103.181.62.71 - - [29/Jun/2026:07:11:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
...
show less
Brute-Force
Bad Web Bot
๐ซ๐ฎ
YF
2026-06-29 04:00:28
(2 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
Anonymous
2026-06-26 14:04:19
(4 days ago)
Fail2ban filtered
...
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 12:12:46
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 103.181.62.71 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 103.181.62.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 08:12:39.822137 2026] [security2:error] [pid 26216:tid 26216] [client 103.181.62.71:57170] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.181.62.71 (+1 hits since last alert)|puckerbikini.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "puckerbikini.com"] [uri "/xmlrpc.php"] [unique_id "aj5stxVbmM3K6Q30QtL5mAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack