๐ฒ๐พ
Rizzy
2026-07-18 16:38:47
(21 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฉ๐ช
LRob
2026-07-17 13:52:29
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack/12.1; WordPress ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack/12.1; WordPress/6.4; http://site82334379.com
show less
Brute-Force
Web App Attack
๐บ๐ธ
cwytech
2026-07-17 12:06:46
(2 days ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-geofence-sus.
Bad Web Bot
Web App Attack
๐ฌ๐ง
Greg Poulson
2026-07-17 09:03:57
(2 days ago)
Our website was hit by this DDOS at a rate of 10 in 5 minutes.
DDoS Attack
Web Spam
Brute-Force
๐บ๐ธ
Dolphi
2026-07-17 06:40:05
(2 days ago)
Excessive POST /xmlrpc.php requests
Brute-Force
Web App Attack
๐ฉ๐ช
konseptit
2026-07-15 22:01:53
(3 days ago)
(wordpress) Failed wordpress login from 185.141.76.252 (RU/Russia/-)
Brute-Force
๐ฉ๐ช
ghostwarriors
2026-07-15 14:51:03
(3 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 14:42:18
(3 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 13:23:23
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 185.141.76.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.141.76.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 09:23:19.226852 2026] [security2:error] [pid 30710:tid 30710] [client 185.141.76.252:52804] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.141.76.252 (+1 hits since last alert)|tttns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tttns.com"] [uri "/xmlrpc.php"] [unique_id "aleJx6AOEIjmiv3MFNVeeQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-15 13:20:07
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 22:58:50
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 185.141.76.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.141.76.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 18:58:43.894408 2026] [security2:error] [pid 13902:tid 13902] [client 185.141.76.252:11638] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.141.76.252 (+1 hits since last alert)|billwegener.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "billwegener.net"] [uri "/xmlrpc.php"] [unique_id "ala_I2iVDQMhYbdGcAaK-AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 22:30:38
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 185.141.76.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.141.76.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 18:30:29.235135 2026] [security2:error] [pid 1146:tid 1146] [client 185.141.76.252:46254] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.141.76.252 (+1 hits since last alert)|kritaka.ai|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kritaka.ai"] [uri "/xmlrpc.php"] [unique_id "ala4hSXLFyR0BINsNIaoPQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 19:02:22
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 185.141.76.252 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.141.76.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:02:17.263545 2026] [security2:error] [pid 20342:tid 20342] [client 185.141.76.252:30114] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.141.76.252 (+1 hits since last alert)|activethinkers.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "activethinkers.net"] [uri "/xmlrpc.php"] [unique_id "alaHua_ZnfLwOy_WuAzf6wAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
applemooz
2026-07-14 16:46:32
(4 days ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-07-12 21:00:32
(6 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force