๐ซ๐ท
dynamix
2026-07-04 06:46:03
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
abdubhai
2026-06-24 06:28:27
(3 weeks ago)
149.54.72.142 - - [24/Jun/2026:1
...
Brute-Force
๐ซ๐ท
dynamix
2026-06-22 10:01:46
(3 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-06-22 09:34:35
(3 weeks ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security
DDoS Attack
Hacking
Exploited Host
Anonymous
2026-06-22 05:23:56
(3 weeks ago)
149.54.72.142 - - [22/Jun/2026:13:23:55 +0800] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by W ...
show more
149.54.72.142 - - [22/Jun/2026:13:23:55 +0800] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)"
...
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
soverin
2026-06-21 07:54:06
(3 weeks ago)
spam
Email Spam
๐บ๐ธ
integrantservices.com
2026-06-17 05:20:43
(4 weeks ago)
(wordpress) Failed wordpress login from 149.54.72.142 (AF/Afghanistan/-)
Brute-Force
๐ฉ๐ช
4server
2026-06-16 09:14:17
(4 weeks ago)
[TueJun1611:14:12.1059342026][security2:error][pid954737:tid954744][client149.54.72.142:0]ModSecurit ...
show more
[TueJun1611:14:12.1059342026][security2:error][pid954737:tid954744][client149.54.72.142:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"noleggi.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajET5COiDE_pnMAWflab5QAAAIQ\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 10:37:07
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 149.54.72.142 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 149.54.72.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 06:37:04.016285 2026] [security2:error] [pid 24872:tid 24872] [client 149.54.72.142:50868] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 149.54.72.142 (+1 hits since last alert)|konahawaii.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "konahawaii.com"] [uri "/xmlrpc.php"] [unique_id "ai_V0BQ13T18Y1XzriK4iwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-15 06:26:08
(1 month ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ฉ๐ช
stinpriza
2026-06-14 10:16:56
(1 month ago)
Web App Attack
Web App Attack
๐บ๐ธ
xmission.com
2026-06-13 09:17:22
(1 month ago)
Blocked 27 connection attempts due to Spamhaus RBL (RJCT05) in the past 4 hours. To request delistin ...
show more
Blocked 27 connection attempts due to Spamhaus RBL (RJCT05) in the past 4 hours. To request delisting, visit https://www.spamhaus.org/lookup/ to check your IP status and submit a delist request if eligible.
show less
Email Spam
๐ซ๐ท
Yepngo
2026-06-11 09:33:14
(1 month ago)
149.54.72.142 - - [11/Jun/2026:11:33:05 +0200] "POST /xmlrpc.php HTTP/2.0" 200 410 "-" "WordPress.co ...
show more
149.54.72.142 - - [11/Jun/2026:11:33:05 +0200] "POST /xmlrpc.php HTTP/2.0" 200 410 "-" "WordPress.com; https://wordpress.com"
149.54.72.142 - - [11/Jun/2026:11:33:14 +0200] "POST /xmlrpc.php HTTP/2.0" 200 410 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 05:30:22
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 149.54.72.142 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 149.54.72.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 01:30:16.322434 2026] [security2:error] [pid 5115:tid 5115] [client 149.54.72.142:10450] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 149.54.72.142 (+1 hits since last alert)|vintageamptubes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vintageamptubes.com"] [uri "/xmlrpc.php"] [unique_id "aipH6G6YLhn5ufDJhJsAoAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
SMARTNET
2026-05-27 06:03:53
(1 month ago)
Aisuru(Mirai variant) DDoS | Incident ID: 4acf41a8-b801-4675-a9cd-4cf95dcec3e7
DDoS Attack