๐ณ๐ฑ
Site.eu
2026-07-06 09:25:15
(27 minutes ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-07-06 08:50:40
(1 hour ago)
Attac
Brute-Force
๐ซ๐ท
applemooz
2026-07-06 07:28:42
(2 hours ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
Anonymous
2026-07-06 05:55:38
(3 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 05:45:57
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:45:53.729138 2026] [security2:error] [pid 4438:tid 4438] [client 27.147.218.169:51669] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 27.147.218.169 (+1 hits since last alert)|reallifelearninghub.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "reallifelearninghub.com"] [uri "/xmlrpc.php"] [unique_id "aktBEXvOWDvf8SRwQTUM3AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-06 05:00:42
(4 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 04:35:44
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 00:35:38.764515 2026] [security2:error] [pid 17118:tid 17118] [client 27.147.218.169:59737] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 27.147.218.169 (+1 hits since last alert)|goseethenurse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goseethenurse.com"] [uri "/xmlrpc.php"] [unique_id "akswmgNo1Mq9Cu157e886QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-06 04:15:08
(5 hours ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 03:45:37
(6 hours ago)
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 23:45:30.786491 2026] [security2:error] [pid 30655:tid 30655] [client 27.147.218.169:51774] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 27.147.218.169 (+1 hits since last alert)|activethinkers.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "activethinkers.net"] [uri "/xmlrpc.php"] [unique_id "aksk2v5_HiMmulP8B2FUPwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 10:00:31
(23 hours ago)
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 06:00:24.604888 2026] [security2:error] [pid 20306:tid 20306] [client 27.147.218.169:65206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 27.147.218.169 (+1 hits since last alert)|nextlevelcharge.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nextlevelcharge.com"] [uri "/xmlrpc.php"] [unique_id "akorOMRWuAhoktBfmQhIrAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 09:35:18
(1 day ago)
Fail2ban filtered
...
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-07-05 08:30:51
(1 day ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 07:26:03
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 03:25:56.649272 2026] [security2:error] [pid 26280:tid 26280] [client 27.147.218.169:61861] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 27.147.218.169 (+1 hits since last alert)|telecompros.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "telecompros.net"] [uri "/xmlrpc.php"] [unique_id "akoHBCxxaoJYKPLpDbgE6gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 06:24:48
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 27.147.218.169 (218.169.cetus.link3.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 02:24:43.571346 2026] [security2:error] [pid 5275:tid 5275] [client 27.147.218.169:65011] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 27.147.218.169 (+1 hits since last alert)|thebrotherhoodlounge.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thebrotherhoodlounge.com"] [uri "/xmlrpc.php"] [unique_id "akn4q-Hq053vlSgayPopGAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-05 04:35:28
(1 day ago)
7.311 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot