๐บ๐ธ
TPI-Abuse
2026-07-06 20:49:14
(10 seconds ago)
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 16:49:00.818972 2026] [security2:error] [pid 3605:tid 3605] [client 49.36.181.58:63560] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.36.181.58 (+1 hits since last alert)|thepercussionworks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thepercussionworks.com"] [uri "/xmlrpc.php"] [unique_id "akwUvJ-pBqLoayM-5bQQDAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 20:20:31
(28 minutes ago)
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 16:20:21.693784 2026] [security2:error] [pid 17090:tid 17090] [client 49.36.181.58:13794] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.36.181.58 (+1 hits since last alert)|verdeprofundo.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "verdeprofundo.net"] [uri "/xmlrpc.php"] [unique_id "akwOBSOWnBJnGre2x5Em_QAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-06 18:45:28
(2 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
applemooz
2026-07-06 18:01:47
(2 hours ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐ฉ๐ช
konseptit
2026-07-06 17:03:04
(3 hours ago)
(wordpress) Failed wordpress login from 49.36.181.58 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 16:47:00
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 12:46:50.308398 2026] [security2:error] [pid 26664:tid 26664] [client 49.36.181.58:62787] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.36.181.58 (+1 hits since last alert)|suswastima.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "suswastima.com"] [uri "/xmlrpc.php"] [unique_id "akvb-seCOG3RFB7vuckrUAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-06 16:32:49
(4 hours ago)
19.489 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-06 16:01:16
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 12:01:07.525386 2026] [security2:error] [pid 6404:tid 6404] [client 49.36.181.58:29633] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.36.181.58 (+1 hits since last alert)|se-advisorsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "se-advisorsgroup.com"] [uri "/xmlrpc.php"] [unique_id "akvRQ6-T6Q0YE7tdYP0xUQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-06 14:55:47
(5 hours ago)
(wordpress) Failed wordpress login from 49.36.181.58 (IN/India/-)
Brute-Force
Anonymous
2026-07-06 13:55:10
(6 hours ago)
Attac
Brute-Force
Anonymous
2026-07-06 13:26:40
(7 hours ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 12:55:34
(7 hours ago)
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 08:55:21.879037 2026] [security2:error] [pid 20616:tid 20616] [client 49.36.181.58:23268] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.36.181.58 (+1 hits since last alert)|kritaka.ai|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kritaka.ai"] [uri "/xmlrpc.php"] [unique_id "akuluS4Xk8XqFk6GedLalAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
SweetHoneyPress
2026-07-06 12:54:49
(7 hours ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=997938 | UA: Jetpack by WordPress.com
Web App Attack
Brute-Force
๐ซ๐ท
dynamix
2026-07-06 11:42:31
(9 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 11:33:29
(9 hours ago)
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 49.36.181.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 07:33:19.599668 2026] [security2:error] [pid 3548:tid 3573] [client 49.36.181.58:62978] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.36.181.58 (+1 hits since last alert)|artmarialeon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artmarialeon.com"] [uri "/xmlrpc.php"] [unique_id "akuSf2LFZnwcT0gcyDt7mAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack