๐ซ๐ฎ
YF
2026-07-15 08:30:38
(6 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ณ๐ฑ
Site.eu
2026-07-15 01:44:59
(13 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
SpaceHost-Server
2026-07-14 22:27:42
(16 hours ago)
Brute-Force
Web App Attack
Anonymous
2026-07-14 09:07:03
(1 day ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ซ๐ท
Lunix
2026-07-14 06:35:28
(1 day ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 22:29:52
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 188.120.102.233 (188-120-102-233.dynamic.a1.rs) ...
show more
(mod_security) mod_security (id:240335) triggered by 188.120.102.233 (188-120-102-233.dynamic.a1.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 18:29:47.227054 2026] [security2:error] [pid 7692:tid 7692] [client 188.120.102.233:18423] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.120.102.233 (+1 hits since last alert)|aandbnaturalfoods.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aandbnaturalfoods.com"] [uri "/xmlrpc.php"] [unique_id "alVm243gaavNt6UCbWL2BwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-13 20:52:05
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ช๐ธ
librebit
2026-07-13 18:08:21
(1 day ago)
Brute force
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-13 12:02:06
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 188.120.102.233 (188-120-102-233.dynamic.a1.rs) ...
show more
(mod_security) mod_security (id:240335) triggered by 188.120.102.233 (188-120-102-233.dynamic.a1.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 08:01:58.065952 2026] [security2:error] [pid 6185:tid 6185] [client 188.120.102.233:18339] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.120.102.233 (+1 hits since last alert)|glassclublake.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "glassclublake.com"] [uri "/xmlrpc.php"] [unique_id "alTTtqFjjq66lI0gCZGdBwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-07-13 08:22:01
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPr ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)","Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)","Jetpack by WordPress.com","Jetpack
show less
Brute-Force
Web App Attack
Anonymous
2026-07-13 08:21:55
(2 days ago)
(wordpress) Failed wordpress login from 188.120.102.233 (RS/Serbia/188-120-102-233.dynamic.a1.rs)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-13 05:21:02
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 188.120.102.233 (188-120-102-233.dynamic.a1.rs) ...
show more
(mod_security) mod_security (id:240335) triggered by 188.120.102.233 (188-120-102-233.dynamic.a1.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 01:20:57.259997 2026] [security2:error] [pid 5792:tid 5792] [client 188.120.102.233:18244] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.120.102.233 (+1 hits since last alert)|greatchristianadventure.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greatchristianadventure.com"] [uri "/xmlrpc.php"] [unique_id "alR1ua0SNtMnBI348S7NpAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-13 03:01:32
(2 days ago)
2.291 requests from abuseipdb.com blacklisted IP (6mos1w12h)
Brute-Force
Bad Web Bot
๐บ๐ธ
integrantservices.com
2026-07-13 01:31:20
(2 days ago)
(wordpress) Failed wordpress login from 188.120.102.233 (RS/Serbia/188-120-102-233.dynamic.a1.rs)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-12 21:21:27
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 188.120.102.233 (188-120-102-233.dynamic.a1.rs) ...
show more
(mod_security) mod_security (id:240335) triggered by 188.120.102.233 (188-120-102-233.dynamic.a1.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 17:21:20.823079 2026] [security2:error] [pid 12039:tid 12039] [client 188.120.102.233:18251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.120.102.233 (+1 hits since last alert)|edgecomix.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edgecomix.com"] [uri "/xmlrpc.php"] [unique_id "alQFUINKSdS7kTHXs7oMegAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack