๐ซ๐ฎ
YF
2026-07-12 10:00:36
(1 day ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ณ๐ฑ
ConsulHosting
2026-07-07 14:23:01
(6 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐ณ๐ฑ
javierin
2026-07-02 14:10:33
(1 week ago)
160.30.39.36 - mamaexperta.es - - [02/Jul/2026:14:08:56 +0000] "POST /xmlrpc.php HTTP/1.1" 503 19301 ...
show more
160.30.39.36 - mamaexperta.es - - [02/Jul/2026:14:08:56 +0000] "POST /xmlrpc.php HTTP/1.1" 503 19301 "-" "WordPress.com; https://wordpress.com"
160.30.39.36 - mamaexperta.es - - [02/Jul/2026:14:09:06 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "WordPress.com; https://wordpress.com"
160.30.39.36 - mamaexperta.es - - [02/Jul/2026:14:09:16 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18297 "-" "Jetpack by WordPress.com"
160.30.39.36 - mamaexperta.es - - [02/Jul/2026:14:09:27 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "WordPress.com; https://wordpress.com"
160.30.39.36 - mamaexperta.es - - [02/Jul/2026:14:09:38 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
160.30.39.36 - mamaexperta.es - - [02/Jul/2026:14:09:49 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
160.30.39.36 - mamaexperta.es - - [02/Jul/2026:14:10:00 +0000] "POST /xmlrpc.php HTTP/1.1" 503 18269 "-" "Jetpac
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 14:26:04
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline ...
show more
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 10:25:56.773000 2026] [security2:error] [pid 8768:tid 8768] [client 160.30.39.36:62204] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 160.30.39.36 (+1 hits since last alert)|certifiedfarmersmarkets.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "certifiedfarmersmarkets.org"] [uri "/xmlrpc.php"] [unique_id "akUjdPsKQjpThC-x7L2OywAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-06-29 17:04:03
(2 weeks ago)
Wordfence waf block on pameganslaw
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 12:17:42
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline ...
show more
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 08:17:35.868273 2026] [security2:error] [pid 12089:tid 12089] [client 160.30.39.36:62423] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 160.30.39.36 (+1 hits since last alert)|schlegelcreative.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "schlegelcreative.com"] [uri "/xmlrpc.php"] [unique_id "aj5t31wgZeGs9GzpXaiBNgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 07:34:55
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline ...
show more
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 03:34:47.233398 2026] [security2:error] [pid 32612:tid 32623] [client 160.30.39.36:65437] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 160.30.39.36 (+1 hits since last alert)|whatismetamodern.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whatismetamodern.com"] [uri "/xmlrpc.php"] [unique_id "aj4rl6s0ZxuXjSNvkMyNIQAAAIg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 04:57:43
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline ...
show more
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 00:57:35.099942 2026] [security2:error] [pid 30554:tid 30554] [client 160.30.39.36:61628] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 160.30.39.36 (+1 hits since last alert)|hsoftwaresystems.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hsoftwaresystems.net"] [uri "/xmlrpc.php"] [unique_id "aj4Gv225Eh0QSwpAXmjOOQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-14 05:22:10
(4 weeks ago)
Attac
Brute-Force
๐บ๐ธ
WeekendWeb
2026-06-01 07:21:19
(1 month ago)
Wordpress Vunerability attack
Web App Attack
Anonymous
2026-05-30 15:21:58
(1 month ago)
[ns65.kdns.gr] httpd-xmlrpc-post: sites=inagia.gr; logs=/var/log/httpd/domains/inagia.gr.log; sample ...
show more
[ns65.kdns.gr] httpd-xmlrpc-post: sites=inagia.gr; logs=/var/log/httpd/domains/inagia.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
WeekendWeb
2026-05-30 14:39:48
(1 month ago)
Wordpress Vunerability attack
Web App Attack
Anonymous
2026-05-30 14:10:15
(1 month ago)
Attac
Brute-Force
๐ธ๐ช
konseptit
2026-05-30 07:10:08
(1 month ago)
(wordpress) Failed wordpress login from 160.30.39.36 (IN/India/static-160-30-39-36.aeronetonline.in)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-28 06:52:49
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline ...
show more
(mod_security) mod_security (id:240335) triggered by 160.30.39.36 (static-160-30-39-36.aeronetonline.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 02:52:39.672694 2026] [security2:error] [pid 23018:tid 23018] [client 160.30.39.36:55741] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 160.30.39.36 (+1 hits since last alert)|calogerolawfirm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "calogerolawfirm.com"] [uri "/xmlrpc.php"] [unique_id "ahfmN6BNgdDmZHGfYw-EOwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack