๐ช๐ธ
SweetHoneyPress
2026-07-06 03:30:41
(13 hours ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=995662 | UA: Jetpack by WordPress.com (Jetpack 13 ...
show more
WordPress honeypot: POST to /xmlrpc.php | event_id=995662 | UA: Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)
show less
Web App Attack
Brute-Force
๐ช๐ธ
SweetHoneyPress
2026-07-06 03:15:39
(13 hours ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=995576 | UA: Jetpack by WordPress.com (Jetpack 12 ...
show more
WordPress honeypot: POST to /xmlrpc.php | event_id=995576 | UA: Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)
show less
Web App Attack
Brute-Force
๐ซ๐ท
Lunix
2026-07-06 00:31:46
(16 hours ago)
Brute-Force
Web App Attack
๐ง๐พ
lns.bz
2026-07-06 00:30:56
(16 hours ago)
Banned for trying to access xmlrpc [BY]
Web App Attack
๐ช๐ธ
alferez
2026-07-05 14:26:22
(1 day ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 08:50:23
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 136.158.46.20 (20.46.158.136.convergeict.com): ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.46.20 (20.46.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 04:50:17.759489 2026] [security2:error] [pid 14127:tid 14178] [client 136.158.46.20:41097] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.46.20 (+1 hits since last alert)|giere.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "giere.us"] [uri "/xmlrpc.php"] [unique_id "akoayVa_mWSjgTXvXNOY9wAAAU0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-05 04:37:14
(1 day ago)
5.124 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐ซ๐ฎ
YF
2026-07-05 04:00:52
(1 day ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ซ๐ท
masterguru
2026-07-05 02:23:44
(1 day ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ช๐ธ
masterguru
2026-07-04 12:02:09
(2 days ago)
(xmlrpc) Failed xmlrpc access from 136.158.46.20 (PH/Philippines/20.46.158.136.convergeict.com): 5 i ...
show more
(xmlrpc) Failed xmlrpc access from 136.158.46.20 (PH/Philippines/20.46.158.136.convergeict.com): 5 in the last 3600 secs (0-122)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-04 05:58:45
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 136.158.46.20 (20.46.158.136.convergeict.com): ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.46.20 (20.46.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 01:58:36.510008 2026] [security2:error] [pid 10104:tid 10104] [client 136.158.46.20:3912] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.46.20 (+1 hits since last alert)|havenlaneministries.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "havenlaneministries.com"] [uri "/xmlrpc.php"] [unique_id "akihDBXcBludj2ANFCwNVAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 04:56:10
(2 days ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-04 02:24:07
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 136.158.46.20 (20.46.158.136.convergeict.com): ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.46.20 (20.46.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 22:24:03.534219 2026] [security2:error] [pid 29811:tid 29811] [client 136.158.46.20:47112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.46.20 (+1 hits since last alert)|centrodentalsindolor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "centrodentalsindolor.com"] [uri "/xmlrpc.php"] [unique_id "akhuw456aC7MVzS4hntYyQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
F242
2026-07-04 00:50:00
(2 days ago)
Wordpress soft lock
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 23:50:13
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 136.158.46.20 (20.46.158.136.convergeict.com): ...
show more
(mod_security) mod_security (id:240335) triggered by 136.158.46.20 (20.46.158.136.convergeict.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:50:08.610943 2026] [security2:error] [pid 9291:tid 9291] [client 136.158.46.20:22085] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 136.158.46.20 (+1 hits since last alert)|bzbdesigns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bzbdesigns.com"] [uri "/xmlrpc.php"] [unique_id "akhKsN8D1gqBFbsjyCai-AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack