๐ณ๐ฑ
Site.eu
2026-07-14 06:58:57
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
ghostwarriors
2026-07-13 05:20:51
(2 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 04:53:02
(3 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-10 04:48:00
(6 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ท
Kenshin869
2026-07-10 00:04:33
(6 days ago)
Wordpress unauthorized access attempt
Brute-Force
๐ฆ๐บ
screwlooseit.com.au
2026-07-09 07:43:57
(6 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
ID/Indonesia/-
Web App Attack
๐ฎ๐ฉ
zam
2026-07-09 01:02:05
(1 week ago)
202.46.68.225 - - [09/Jul/2026:01:02:00 +0000] "POST /xmlrpc.php HTTP/1.1" 302 271
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 23:01:57
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 19:01:53.380706 2026] [security2:error] [pid 6906:tid 6906] [client 202.46.68.225:59797] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.225 (+1 hits since last alert)|apexandroids.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apexandroids.com"] [uri "/xmlrpc.php"] [unique_id "ak7W4ZUwxlm6usFvlA2GeAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 20:51:17
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 16:51:10.613570 2026] [security2:error] [pid 21720:tid 21720] [client 202.46.68.225:55502] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.225 (+1 hits since last alert)|suswastima.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "suswastima.com"] [uri "/xmlrpc.php"] [unique_id "ak64PtNrWMbExRcPsfR_fgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 16:48:11
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 12:48:04.872785 2026] [security2:error] [pid 13834:tid 13834] [client 202.46.68.225:52084] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.225 (+1 hits since last alert)|verdeprofundo.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "verdeprofundo.net"] [uri "/xmlrpc.php"] [unique_id "ak5_REoV4ZcCTrCCWmbADAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 15:15:41
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 11:15:33.619116 2026] [security2:error] [pid 26686:tid 26731] [client 202.46.68.225:60942] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.225 (+1 hits since last alert)|ccgparquitectos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ccgparquitectos.com"] [uri "/xmlrpc.php"] [unique_id "ak5plVtw3epGTySCpTD2dgAAAIE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Tripwire
2026-07-08 11:58:25
(1 week ago)
Probing for Wordpress - /xmlrpc.php
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 10:15:26
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 06:15:21.355029 2026] [security2:error] [pid 18347:tid 18347] [client 202.46.68.225:59003] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.225 (+1 hits since last alert)|cliniquecavalancia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cliniquecavalancia.com"] [uri "/xmlrpc.php"] [unique_id "ak4jOVg6lpLv97wO2Vf_oAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 06:39:20
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 202.46.68.225 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 02:39:14.986496 2026] [security2:error] [pid 1956:tid 1956] [client 202.46.68.225:64437] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 202.46.68.225 (+1 hits since last alert)|visionremota.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "visionremota.info"] [uri "/xmlrpc.php"] [unique_id "ak3wkn5q5oUMJUBmonY8JwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-08 02:57:09
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack