🇪🇸
alferez
2026-07-04 17:06:20
(1 hour ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
🇺🇸
TPI-Abuse
2026-07-04 12:57:17
(6 hours ago)
(mod_security) mod_security (id:240335) triggered by 190.102.53.1 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 190.102.53.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 08:57:14.229149 2026] [security2:error] [pid 1525:tid 1525] [client 190.102.53.1:16771] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 190.102.53.1 (+1 hits since last alert)|agworldmissions.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "agworldmissions.org"] [uri "/xmlrpc.php"] [unique_id "akkDKqljtC0vxStwt6lzYgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇳🇱
Site.eu
2026-07-04 09:30:28
(9 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
🇺🇸
TPI-Abuse
2026-07-04 07:07:59
(11 hours ago)
(mod_security) mod_security (id:240335) triggered by 190.102.53.1 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 190.102.53.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:07:54.623326 2026] [security2:error] [pid 32033:tid 32033] [client 190.102.53.1:16887] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 190.102.53.1 (+1 hits since last alert)|bergenoaks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bergenoaks.com"] [uri "/xmlrpc.php"] [unique_id "akixSsfQuWkPZ7RWn8hXqwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 06:27:45
(12 hours ago)
<jail> banned by fail2ban
Brute-Force
Web App Attack
🇺🇸
TPI-Abuse
2026-07-04 04:15:25
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 190.102.53.1 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 190.102.53.1 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:15:22.638221 2026] [security2:error] [pid 14151:tid 14173] [client 190.102.53.1:16858] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 190.102.53.1 (+1 hits since last alert)|sparkhypnotherapy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sparkhypnotherapy.com"] [uri "/xmlrpc.php"] [unique_id "akiI2saX9gQWMcZFXkeiQQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇫🇷
dynamix
2026-07-04 02:13:04
(16 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-04 01:30:04
(17 hours ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
Anonymous
2026-07-04 01:13:18
(17 hours ago)
[ns31.kdns.gr] httpd-xmlrpc-post: sites=www.dimitrisanousis.com; logs=/var/log/httpd/domains/dimitri ...
show more
[ns31.kdns.gr] httpd-xmlrpc-post: sites=www.dimitrisanousis.com; logs=/var/log/httpd/domains/dimitrisanousis.com.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
🇳🇱
ConsulHosting
2026-07-04 00:26:45
(18 hours ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
🇧🇪
cmbplf
2026-07-04 00:23:03
(18 hours ago)
4.227 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
🇩🇪
konseptit
2026-07-03 23:09:12
(19 hours ago)
(wordpress) Failed wordpress login from 190.102.53.1 (BR/Brazil/-)
Brute-Force
🇫🇷
SpaceHost-Server
2026-07-03 22:29:06
(20 hours ago)
Brute-Force
Web App Attack
🇫🇷
francoisunix
2026-07-03 22:07:34
(20 hours ago)
190.102.53.1 - - [03/Jul/2026:22:06:51 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by Wo ...
show more
190.102.53.1 - - [03/Jul/2026:22:06:51 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)"
190.102.53.1 - - [03/Jul/2026:22:07:01 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack/12.1; WordPress/6.1; http://site80783753.com"
190.102.53.1 - - [03/Jul/2026:22:07:11 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com"
190.102.53.1 - - [03/Jul/2026:22:07:22 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
190.102.53.1 - - [03/Jul/2026:22:07:32 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
🇩🇪
dbmwebdesign
2026-07-03 21:10:05
(21 hours ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack