Anonymous
2026-07-03 05:06:33
(15 hours ago)
Trying to access config files
Web App Attack
๐ช๐ธ
SweetHoneyPress
2026-07-02 09:04:20
(1 day ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=977081 | UA: WordPress.com; https://wordpress.com
Web App Attack
Brute-Force
๐ช๐ธ
SweetHoneyPress
2026-07-02 08:49:10
(1 day ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=976991 | UA: WordPress.com; https://wordpress.com
Web App Attack
Brute-Force
๐ณ๐ฑ
Site.eu
2026-07-02 02:09:24
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
big-cloud.nl
2026-07-02 00:26:51
(1 day ago)
Try to access /xmlrpc.php
Web App Attack
๐ซ๐ท
Kenshin869
2026-07-01 23:23:05
(1 day ago)
Wordpress unauthorized access attempt
Brute-Force
๐ฆ๐บ
screwlooseit.com.au
2026-07-01 21:20:25
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
US/United States/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 18:27:39
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 104.233.9.242 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 104.233.9.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 14:27:31.715749 2026] [security2:error] [pid 21698:tid 21698] [client 104.233.9.242:56296] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.233.9.242 (+1 hits since last alert)|magacine.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "magacine.tv"] [uri "/xmlrpc.php"] [unique_id "akVcE326GzbyKeeMy3dBDQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-01 18:25:04
(2 days ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 16:23:05
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 104.233.9.242 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 104.233.9.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:22:59.805216 2026] [security2:error] [pid 8332:tid 8332] [client 104.233.9.242:60072] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.233.9.242 (+1 hits since last alert)|wholesalelivelobsters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wholesalelivelobsters.com"] [uri "/xmlrpc.php"] [unique_id "akU-48gjlTuQ9_BK-0WRugAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 16:06:04
(2 days ago)
Trying to access config files
Web App Attack
๐ซ๐ท
dynamix
2026-07-01 14:17:34
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
ANTI SCANNER
2026-07-01 09:36:46
(2 days ago)
Scanner : /xmlrpc.php
Web Spam
๐บ๐ธ
TPI-Abuse
2026-07-01 00:07:17
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 104.233.9.242 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 104.233.9.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 20:07:13.499254 2026] [security2:error] [pid 16732:tid 16732] [client 104.233.9.242:50382] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.233.9.242 (+1 hits since last alert)|infinityartistsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "infinityartistsgroup.com"] [uri "/xmlrpc.php"] [unique_id "akRaMR1MDHi0LiRTuTZclQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 21:32:12
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 104.233.9.242 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 104.233.9.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:32:05.144114 2026] [security2:error] [pid 29295:tid 29295] [client 104.233.9.242:56808] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.233.9.242 (+1 hits since last alert)|egelfitness.nl|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "egelfitness.nl"] [uri "/xmlrpc.php"] [unique_id "akQ11aQe8KJO1ZooJKH8MAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack