Anonymous
2026-07-10 08:29:02
(8 minutes ago)
(wordpress) Failed wordpress login from 112.133.215.180 (IN/India/-)
Brute-Force
๐ฉ๐ช
konseptit
2026-07-10 07:58:03
(39 minutes ago)
(wordpress) Failed wordpress login from 112.133.215.180 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-10 03:14:12
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 112.133.215.180 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 112.133.215.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 23:14:07.362651 2026] [security2:error] [pid 2172:tid 2172] [client 112.133.215.180:7738] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 112.133.215.180 (+1 hits since last alert)|cajunpicasso.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cajunpicasso.com"] [uri "/xmlrpc.php"] [unique_id "alBjf83YFwNOIki1DG7TrgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
sssrit
2026-07-09 06:43:49
(1 day ago)
112.133.215.180 - - [09/Jul/2026:08:43:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 478 "-" "Jetpack/12 ...
show more
112.133.215.180 - - [09/Jul/2026:08:43:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 478 "-" "Jetpack/12.1; WordPress/6.3; http://site98185070.com"
112.133.215.180 - - [09/Jul/2026:08:43:48 +0200] "POST /xmlrpc.php HTTP/1.1" 200 478 "-" "Jetpack by WordPress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 04:12:55
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 112.133.215.180 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 112.133.215.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:12:42.852142 2026] [security2:error] [pid 14130:tid 14130] [client 112.133.215.180:33836] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 112.133.215.180 (+1 hits since last alert)|arsenalfordemocracy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "arsenalfordemocracy.com"] [uri "/xmlrpc.php"] [unique_id "ak8fuqS3s8MJojMvFDiL9gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-09 04:10:58
(1 day ago)
(xmlrpc) Apache: Failed xmlrpc access from 112.133.215.180 (IN/India/-): 10 in the last 3600 secs (0 ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 112.133.215.180 (IN/India/-): 10 in the last 3600 secs (0-201)
show less
Hacking
Anonymous
2026-07-09 03:38:27
(1 day ago)
2026-07-09T05:38:26.392557+02:00 aion wordpress[3388593]: XML-RPC authentication attempt for unknown ...
show more
2026-07-09T05:38:26.392557+02:00 aion wordpress[3388593]: XML-RPC authentication attempt for unknown user nanosrvr from 112.133.215.180
...
show less
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-08 05:28:31
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 112.133.215.180 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 112.133.215.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 01:28:26.479184 2026] [security2:error] [pid 19628:tid 19628] [client 112.133.215.180:54884] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 112.133.215.180 (+1 hits since last alert)|cathybermanmft.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cathybermanmft.com"] [uri "/xmlrpc.php"] [unique_id "ak3f-vftreVeYz7azL20RAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-06 09:24:10
(3 days ago)
Attac
Brute-Force
๐ช๐ธ
masterguru
2026-07-06 04:53:42
(4 days ago)
(xmlrpc) Failed xmlrpc access from 112.133.215.180 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-06 02:44:49
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 112.133.215.180 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 112.133.215.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:44:44.099014 2026] [security2:error] [pid 3548:tid 3548] [client 112.133.215.180:34188] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 112.133.215.180 (+1 hits since last alert)|iplantotravel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iplantotravel.com"] [uri "/xmlrpc.php"] [unique_id "aksWnIcjOnmVB8sH8d4SPAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-06 02:37:32
(4 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-07-05 07:00:23
(5 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
Anonymous
2026-07-05 04:54:06
(5 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-07-04 08:08:37
(6 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack