|
๐ฉ๐ช
LRob
|
|
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
|
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
(wordpress) Failed wordpress login from 157.15.235.48 (IN/India/-/-/-/[redacted])
|
Brute-Force
|
|
|
Anonymous
|
|
Attac
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 22:52:34.241372 2026] [security2:error] [pid 8124:tid 8124] [client 157.15.235.48:57820] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.15.235.48 (+1 hits since last alert)|gellertdealers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gellertdealers.com"] [uri "/xmlrpc.php"] [unique_id "akMvcis7BR_r4ESsdY1v0QAAABo"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 21:46:00.265427 2026] [security2:error] [pid 3008:tid 3008] [client 157.15.235.48:62321] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.15.235.48 (+1 hits since last alert)|braintechsoftwaresolutions.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "braintechsoftwaresolutions.com"] [uri "/xmlrpc.php"] [unique_id "akMf2J8KtA7284A1cNutdQAAABQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:28:04.335759 2026] [security2:error] [pid 26691:tid 26691] [client 157.15.235.48:49258] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.15.235.48 (+1 hits since last alert)|innovacionesnimba.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "innovacionesnimba.com"] [uri "/xmlrpc.php"] [unique_id "akJWxNRDmfZLisK7IA9c7gAAAAU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
integrantservices.com
|
|
(wordpress) Failed wordpress login from 157.15.235.48 (IN/India/-)
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:39:50.486433 2026] [security2:error] [pid 22268:tid 22268] [client 157.15.235.48:64504] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.15.235.48 (+1 hits since last alert)|btsalesrep.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "btsalesrep.com"] [uri "/xmlrpc.php"] [unique_id "akI9ZhZly2TuU-12hLQb7wAAAAM"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
n2nguyenn2nguyen
|
|
Blocked by YFC Security on https://brixzly.com โ type: xmlrpc_attempts
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 157.15.235.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:04:02.366813 2026] [security2:error] [pid 12638:tid 12638] [client 157.15.235.48:64702] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.15.235.48 (+1 hits since last alert)|madisonmedia.ai|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "madisonmedia.ai"] [uri "/xmlrpc.php"] [unique_id "akI1Ag9zchGkWl0VS_UhJwAAABI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
Marc
|
|
157.15.235.48 - - [29/Jun/2026:10:17:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3419 "-" "Jetpack/12. ...
show more
157.15.235.48 - - [29/Jun/2026:10:17:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3419 "-" "Jetpack/12.1; WordPress/6.4; http://site45918065.com" 157.15.235.48 - - [29/Jun/2026:10:18:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3467 "-" "WordPress.com; https://wordpress.com" 157.15.235.48 - - [29/Jun/2026:10:18:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3466 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)"
show less
|
Brute-Force
Web App Attack
|
|
|
๐ซ๐ท
masterguru
|
|
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
|
Hacking
|
|
|
๐ซ๐ท
dynamix
|
|
WordPress XMLRPC Brute Force Attack
|
Brute-Force
Web App Attack
|
|
|
๐ณ๐ฑ
exxos
|
|
Attacks with Bad user agents
|
Hacking
|
|