๐บ๐ธ
IndigoRidge
2026-07-13 19:07:24
(2 days ago)
197.52.92.19 - - [13/Jul/2026:15:05:48 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5728 "-" "WordPress.co ...
show more
197.52.92.19 - - [13/Jul/2026:15:05:48 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5728 "-" "WordPress.com; https://wordpress.com"
197.52.92.19 - - [13/Jul/2026:15:05:59 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5744 "-" "WordPress.com; https://wordpress.com"
197.52.92.19 - - [13/Jul/2026:15:07:02 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5744 "-" "WordPress.com; https://wordpress.com"
197.52.92.19 - - [13/Jul/2026:15:07:13 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5744 "-" "WordPress.com; https://wordpress.com"
197.52.92.19 - - [13/Jul/2026:15:07:24 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5760 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 19:04:20
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 197.52.92.19 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 197.52.92.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 15:04:14.911770 2026] [security2:error] [pid 22108:tid 22108] [client 197.52.92.19:59075] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.52.92.19 (+1 hits since last alert)|ubuciko.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ubuciko.com"] [uri "/xmlrpc.php"] [unique_id "alU2rqponc-FDY9fS2f7cwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-13 17:03:36
(2 days ago)
197.52.92.19 - - [13/Jul/2026:13:02:00 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5539 "-" "WordPress.co ...
show more
197.52.92.19 - - [13/Jul/2026:13:02:00 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5539 "-" "WordPress.com; https://wordpress.com"
197.52.92.19 - - [13/Jul/2026:13:02:10 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5539 "-" "WordPress.com; https://wordpress.com"
197.52.92.19 - - [13/Jul/2026:13:02:21 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5539 "-" "WordPress.com; https://wordpress.com"
197.52.92.19 - - [13/Jul/2026:13:03:03 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5539 "-" "WordPress.com; https://wordpress.com"
197.52.92.19 - - [13/Jul/2026:13:03:35 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5539 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
Anonymous
2026-07-13 14:20:10
(2 days ago)
Web attack blocked by Wordfence on 1valkenburg.nl (149 hits). Reported by CRMON.
Web App Attack
๐ซ๐ท
dynamix
2026-07-13 13:56:31
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 12:57:42
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 197.52.92.19 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 197.52.92.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 08:57:39.270651 2026] [security2:error] [pid 31353:tid 31353] [client 197.52.92.19:49705] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.52.92.19 (+1 hits since last alert)|soonerstone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "soonerstone.com"] [uri "/xmlrpc.php"] [unique_id "alTgw02lZCD5QS9GfJBycQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2026-07-13 11:37:53
(2 days ago)
197.52.92.19 - [13/Jul/2026:14:37:43 +0300] "POST /xmlrpc.php HTTP/1.1" 200 428 "-" "Jetpack/12.1; W ...
show more
197.52.92.19 - [13/Jul/2026:14:37:43 +0300] "POST /xmlrpc.php HTTP/1.1" 200 428 "-" "Jetpack/12.1; WordPress/6.4; http://site58523338.com" "-"
197.52.92.19 - [13/Jul/2026:14:37:53 +0300] "POST /xmlrpc.php HTTP/1.1" 200 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)" "-"
...
show less
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 11:24:52
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 197.52.92.19 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 197.52.92.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:24:48.586347 2026] [security2:error] [pid 8662:tid 8662] [client 197.52.92.19:52070] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.52.92.19 (+1 hits since last alert)|verdeprofundo.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "verdeprofundo.net"] [uri "/xmlrpc.php"] [unique_id "alTLAEf9sD3qw5YiIcO-rwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
bittiguru.fi
2026-07-13 11:22:37
(2 days ago)
197.52.92.19 - [13/Jul/2026:14:22:27 +0300] "POST /xmlrpc.php HTTP/1.1" 200 428 "-" "WordPress.com; ...
show more
197.52.92.19 - [13/Jul/2026:14:22:27 +0300] "POST /xmlrpc.php HTTP/1.1" 200 428 "-" "WordPress.com; https://wordpress.com" "-"
197.52.92.19 - [13/Jul/2026:14:22:37 +0300] "POST /xmlrpc.php HTTP/1.1" 200 428 "-" "Jetpack by WordPress.com" "-"
...
show less
Hacking
Brute-Force
Web App Attack