๐ซ๐ท
tecnicorioja
2026-07-06 22:02:26
(2 days ago)
POST /xmlrpc.php [06/Jul/2026:06:53:07
Web App Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 08:02:44
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axnt ...
show more
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axntechnologies.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:02:32.126840 2026] [security2:error] [pid 5549:tid 5549] [client 103.91.72.20:62820] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.20 (+1 hits since last alert)|firebelly.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "firebelly.org"] [uri "/xmlrpc.php"] [unique_id "akthGK4aNQCA7BwdPrLDtgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-07-06 07:55:12
(3 days ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 07:29:02
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axnt ...
show more
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axntechnologies.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:28:57.489134 2026] [security2:error] [pid 4278:tid 4278] [client 103.91.72.20:49914] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.20 (+1 hits since last alert)|cathybermanmft.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cathybermanmft.com"] [uri "/xmlrpc.php"] [unique_id "aktZOR1_8k0uf9JaBP4rqgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-06 07:28:29
(3 days ago)
(wordpress) Failed wordpress login from 103.91.72.20 (IN/India/axntech-dynamic-20.72.91.103.axntechn ...
show more
(wordpress) Failed wordpress login from 103.91.72.20 (IN/India/axntech-dynamic-20.72.91.103.axntechnologies.in)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 06:59:53
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axnt ...
show more
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axntechnologies.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 02:59:47.915681 2026] [security2:error] [pid 15422:tid 15422] [client 103.91.72.20:61484] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.20 (+1 hits since last alert)|studiopilates.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "studiopilates.net"] [uri "/xmlrpc.php"] [unique_id "aktSY5gvffDOJjsn0EL2ogAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-06 06:00:18
(3 days ago)
Attaque distribuรฉe subnet
DDoS Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 05:56:28
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axnt ...
show more
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axntechnologies.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:56:20.647746 2026] [security2:error] [pid 24181:tid 24181] [client 103.91.72.20:62119] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.20 (+1 hits since last alert)|gulftelecom.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gulftelecom.com"] [uri "/xmlrpc.php"] [unique_id "aktDhJqBC0dkyFt1A35GSAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-06 05:36:20
(3 days ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 05:33:58
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axnt ...
show more
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axntechnologies.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:33:53.698080 2026] [security2:error] [pid 12495:tid 12495] [client 103.91.72.20:52924] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.20 (+1 hits since last alert)|kawkacevents.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kawkacevents.com"] [uri "/xmlrpc.php"] [unique_id "aks-QfEr0RvBKiBganBprQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-06 05:24:23
(3 days ago)
Fail2ban filtered
...
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 05:06:32
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axnt ...
show more
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axntechnologies.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:06:26.229342 2026] [security2:error] [pid 15535:tid 15535] [client 103.91.72.20:58956] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.20 (+1 hits since last alert)|hookedupfishing.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hookedupfishing.net"] [uri "/xmlrpc.php"] [unique_id "aks30h-m_uadomW0HubigQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
applemooz
2026-07-06 04:54:21
(3 days ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 04:35:50
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axnt ...
show more
(mod_security) mod_security (id:240335) triggered by 103.91.72.20 (axntech-dynamic-20.72.91.103.axntechnologies.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 00:35:44.765422 2026] [security2:error] [pid 14490:tid 14490] [client 103.91.72.20:58344] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.91.72.20 (+1 hits since last alert)|yuichiro.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yuichiro.us"] [uri "/xmlrpc.php"] [unique_id "akswoFV-cCCRYskKitlH2AAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-06 04:24:02
(3 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH