🇺🇸
TPI-Abuse
2026-07-05 04:51:19
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic. ...
show more
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic.copelfibra.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 00:51:12.993043 2026] [security2:error] [pid 12883:tid 12883] [client 168.181.50.249:15304] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.181.50.249 (+1 hits since last alert)|ideaofauniversity.website|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ideaofauniversity.website"] [uri "/xmlrpc.php"] [unique_id "akniwNeDJ6SUpFAHhC-dbwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
abdubhai
2026-07-05 03:36:51
(1 day ago)
168.181.50.249 - - [05/Jul/2026:
...
Brute-Force
🇺🇸
TPI-Abuse
2026-07-04 23:03:23
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic. ...
show more
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic.copelfibra.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 19:03:16.740118 2026] [security2:error] [pid 32503:tid 32503] [client 168.181.50.249:17315] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.181.50.249 (+1 hits since last alert)|lahamradio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lahamradio.com"] [uri "/xmlrpc.php"] [unique_id "akmRNKU0yO7t3-dmMW_hagAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 21:27:06
(1 day ago)
(wordpress) Failed wordpress login from 168.181.50.249 (BR/Brazil/249.50.181.168.rfc6598.dynamic.cop ...
show more
(wordpress) Failed wordpress login from 168.181.50.249 (BR/Brazil/249.50.181.168.rfc6598.dynamic.copelfibra.com.br)
show less
Brute-Force
🇫🇷
dynamix
2026-07-04 20:56:25
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
🇳🇱
debestelapp
2026-07-04 12:40:07
(2 days ago)
Web App Attack
🇪🇸
alferez
2026-07-04 12:26:20
(2 days ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
🇺🇸
TPI-Abuse
2026-07-04 11:57:53
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic. ...
show more
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic.copelfibra.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 07:57:45.618424 2026] [security2:error] [pid 4982:tid 4982] [client 168.181.50.249:14953] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.181.50.249 (+1 hits since last alert)|agrollum.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "agrollum.com"] [uri "/xmlrpc.php"] [unique_id "akj1Oe1n3RAVr0Gy_zp6NQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-07-03 13:37:11
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic. ...
show more
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic.copelfibra.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 09:37:07.560070 2026] [security2:error] [pid 3965:tid 3965] [client 168.181.50.249:16094] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.181.50.249 (+1 hits since last alert)|egelfitness.nl|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "egelfitness.nl"] [uri "/xmlrpc.php"] [unique_id "ake7A_ubJ3sTlBYP9Sq6LwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-07-03 04:55:17
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic. ...
show more
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic.copelfibra.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:55:09.715842 2026] [security2:error] [pid 12803:tid 12864] [client 168.181.50.249:14843] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.181.50.249 (+1 hits since last alert)|jpdesign.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jpdesign.us"] [uri "/xmlrpc.php"] [unique_id "akdAre-cjyCgu9zUt-sZ8wAAAYI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-07-03 04:24:40
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic. ...
show more
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic.copelfibra.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:24:35.324983 2026] [security2:error] [pid 14682:tid 14682] [client 168.181.50.249:13085] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.181.50.249 (+1 hits since last alert)|natickvillagerentals.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "natickvillagerentals.com"] [uri "/xmlrpc.php"] [unique_id "akc5g_YZ1EHsA4jye_T8MwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-07-03 03:24:23
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic. ...
show more
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic.copelfibra.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 23:24:18.117498 2026] [security2:error] [pid 28313:tid 28313] [client 168.181.50.249:15191] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.181.50.249 (+1 hits since last alert)|texascottagebakers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "texascottagebakers.com"] [uri "/xmlrpc.php"] [unique_id "akcrYsfwVEMnUtFr1wwHtAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇫🇷
dynamix
2026-07-03 02:19:51
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
🇺🇸
TPI-Abuse
2026-07-03 00:39:22
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic. ...
show more
(mod_security) mod_security (id:240335) triggered by 168.181.50.249 (249.50.181.168.rfc6598.dynamic.copelfibra.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 20:39:18.835028 2026] [security2:error] [pid 19492:tid 19519] [client 168.181.50.249:18183] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.181.50.249 (+1 hits since last alert)|annacaird.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "annacaird.com"] [uri "/xmlrpc.php"] [unique_id "akcEtldpyP-AyiDXx1y-IAAAAFg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇪🇸
masterguru
2026-07-02 14:16:29
(4 days ago)
(xmlrpc) Failed xmlrpc access from 168.181.50.249 (BR/Brazil/249.50.181.168.rfc6598.dynamic.copelfib ...
show more
(xmlrpc) Failed xmlrpc access from 168.181.50.249 (BR/Brazil/249.50.181.168.rfc6598.dynamic.copelfibra.com.br): 5 in the last 3600 secs (0-122)
show less
Hacking