๐ฉ๐ช
LRob
2026-07-13 11:37:40
(3 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.co ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.com
show less
Brute-Force
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-10 14:37:22
(6 days ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 103.182.221.232 (IN/India/-): 1 in ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 103.182.221.232 (IN/India/-): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
ambor
2026-07-10 09:10:13
(6 days ago)
Honeypot access: WordPress XML-RPC attack attempt. Path: /xmlrpc.php
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-10 05:54:09
(6 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-07 09:49:57
(1 week ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
-
Web App Attack
Anonymous
2026-07-04 08:27:24
(1 week ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 08:02:10
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.182.221.232 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 103.182.221.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 04:02:05.782071 2026] [security2:error] [pid 10604:tid 10604] [client 103.182.221.232:41993] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.182.221.232 (+1 hits since last alert)|honigcpa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "honigcpa.com"] [uri "/xmlrpc.php"] [unique_id "aki9_Tk1hJ32pFHfeY24jwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 06:56:14
(1 week ago)
Fail2ban filtered
...
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 06:03:50
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.182.221.232 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 103.182.221.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 02:03:45.494886 2026] [security2:error] [pid 2845:tid 2845] [client 103.182.221.232:42147] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.182.221.232 (+1 hits since last alert)|mahjongcouture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mahjongcouture.com"] [uri "/xmlrpc.php"] [unique_id "akiiQWSPwe214-eoau3QagAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-29 17:06:13
(2 weeks ago)
Xmlrpc Caught (6)
Brute-Force
Web App Attack
Anonymous
2026-06-29 08:28:09
(2 weeks ago)
ModSecurity rejected a query
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 07:49:24
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.182.221.232 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 103.182.221.232 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:49:16.686454 2026] [security2:error] [pid 28545:tid 28545] [client 103.182.221.232:41933] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thenolangroup.llc|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thenolangroup.llc"] [uri "/wp-json/wp/v2/users"] [unique_id "akIjfFru-SCvGcG5CcIOwgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-23 15:00:12
(3 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-19 13:18:25
(3 weeks ago)
(xmlrpc) Apache: Failed xmlrpc access from 103.182.221.232 (IN/India/-): 10 in the last 3600 secs (0 ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 103.182.221.232 (IN/India/-): 10 in the last 3600 secs (0-201)
show less
Hacking
๐บ๐ธ
0tsystems
2026-06-19 12:15:53
(3 weeks ago)
Automated scan detected on 0t.systems: /xmlrpc.php
Web App Attack