๐ช๐ธ
masterguru
2026-07-03 05:40:14
(4 hours ago)
(xmlrpc) Failed xmlrpc access from 197.156.125.13 (ET/Ethiopia/-): 5 in the last 3600 secs (0-122)
Hacking
๐ซ๐ท
masterguru
2026-07-02 13:24:23
(20 hours ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ซ๐ท
dynamix
2026-07-02 06:57:21
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 05:44:58
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:44:51.920341 2026] [security2:error] [pid 8235:tid 8235] [client 197.156.125.13:16602] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.156.125.13 (+1 hits since last alert)|technesa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "technesa.com"] [uri "/xmlrpc.php"] [unique_id "akX606cDLZNMk1wAZgjcqAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 09:22:02
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 05:21:54.896762 2026] [security2:error] [pid 4466:tid 4466] [client 197.156.125.13:39103] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.156.125.13 (+1 hits since last alert)|magacine.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "magacine.tv"] [uri "/xmlrpc.php"] [unique_id "akTcMiRJL-5qvJ72ybaguQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-01 08:56:18
(2 days ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 08:54:51
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:54:43.943081 2026] [security2:error] [pid 8451:tid 8451] [client 197.156.125.13:18763] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.156.125.13 (+1 hits since last alert)|alejandrogorsse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "alejandrogorsse.com"] [uri "/xmlrpc.php"] [unique_id "akTV00Z4QTloOQP6eyNYdgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 08:52:08
(2 days ago)
197.156.125.13 - - [01/Jul/2026:10:51:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
197.156.125.13 - ...
show more
197.156.125.13 - - [01/Jul/2026:10:51:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
197.156.125.13 - - [01/Jul/2026:10:52:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
...
show less
Brute-Force
Bad Web Bot
๐ซ๐ท
dynamix
2026-06-30 08:51:51
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
LRob
2026-06-26 12:45:20
(6 days ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
Anonymous
2026-06-25 12:31:13
(1 week ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-25 11:45:24
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 07:45:18.246007 2026] [security2:error] [pid 5779:tid 5779] [client 197.156.125.13:41680] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.156.125.13 (+1 hits since last alert)|morninginc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "morninginc.com"] [uri "/xmlrpc.php"] [unique_id "aj0Uznq2eXmoxvGW5-u6nQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-25 11:42:00
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 08:40:08
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 197.156.125.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 04:40:01.984602 2026] [security2:error] [pid 12940:tid 12940] [client 197.156.125.13:14596] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.156.125.13 (+1 hits since last alert)|michelehoop.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michelehoop.com"] [uri "/xmlrpc.php"] [unique_id "ajzpYcjt-SqpfmANoAeovgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-25 12:50:26
(1 month ago)
Attac
Brute-Force