๐ฉ๐ช
LRob
2026-07-13 05:27:42
(4 hours ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; ht ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; https://wordpress.com","Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)","Jetpack/13.0; WordPress/6.4; http://site59049564.com
show less
Brute-Force
Web App Attack
๐ฌ๐ง
Apache
2026-07-13 04:02:02
(6 hours ago)
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (CA/Canada/-): 5 in the last 300 ...
show more
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (CA/Canada/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 03:28:28
(6 hours ago)
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:28:20.939824 2026] [security2:error] [pid 8126:tid 8126] [client 135.12.209.221:62633] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 135.12.209.221 (+1 hits since last alert)|michelehoop.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michelehoop.com"] [uri "/xmlrpc.php"] [unique_id "alRbVC7MVi8HO7pMQIRmrAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-13 00:01:25
(10 hours ago)
2.628 requests from abuseipdb.com blacklisted IP (11mos2d10h)
Brute-Force
Bad Web Bot
๐ซ๐ท
dynamix
2026-07-12 17:22:23
(16 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-12 16:53:39
(17 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
ghostwarriors
2026-07-12 16:50:09
(17 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 16:21:33
(17 hours ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 13:51:21
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 09:51:15.520047 2026] [security2:error] [pid 532:tid 532] [client 135.12.209.221:59486] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 135.12.209.221 (+1 hits since last alert)|lighthousescm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lighthousescm.com"] [uri "/xmlrpc.php"] [unique_id "alOb0_bgstRuoPvYnnOqJQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
bigwavedave
2026-07-12 13:48:37
(20 hours ago)
Wordpress Attack
Web App Attack
๐ซ๐ท
Kenshin869
2026-07-12 10:00:57
(1 day ago)
Wordpress unauthorized access attempt
Brute-Force
๐ง๐ท
dominioz
2026-07-12 04:53:43
(1 day ago)
2026-07-12 04:52:49 POST /xmlrpc.php - - 135.12.209.221 HTTP/1.1 Jetpack+by+WordPress.com+(Jetpack+1 ...
show more
2026-07-12 04:52:49 POST /xmlrpc.php - - 135.12.209.221 HTTP/1.1 Jetpack+by+WordPress.com+(Jetpack+12.1;+WordPress+6.2) - 200 650
2026-07-12 04:52:57 POST /xmlrpc.php - - 135.12.209.221 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650
2026-07-12 04:53:07 POST /xmlrpc.php - - 135.12.209.221 HTTP/1.1 Jetpack+by+WordPress.com - 200 650
2026-07-12 04:53:18 POST /xmlrpc.php - - 135.12.209.221 HTTP/1.1 Jetpack+by+WordPress.com+(Jetpack+13.0;+WordPress+6.2) - 200 650
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 22:45:09
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 18:45:03.431598 2026] [security2:error] [pid 25058:tid 25058] [client 135.12.209.221:63271] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 135.12.209.221 (+1 hits since last alert)|innolympics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "innolympics.com"] [uri "/xmlrpc.php"] [unique_id "alLHb0-aQoK95uP-dIu6eAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 19:43:15
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 135.12.209.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 15:43:09.138660 2026] [security2:error] [pid 8599:tid 8599] [client 135.12.209.221:49890] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 135.12.209.221 (+1 hits since last alert)|tourissue.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tourissue.com"] [uri "/xmlrpc.php"] [unique_id "alKczacMxtuSrabEKzbAUgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
applemooz
2026-07-11 19:41:12
(1 day ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack