๐ฉ๐ช
LRob
2026-07-16 00:25:17
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.co ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.com
show less
Brute-Force
Web App Attack
๐ฌ๐ง
NotCool
2026-07-15 23:09:45
(2 days ago)
(XMLRPC) WP XMLPRC Attack 39.35.210.45 (PK/Pakistan/-): 50 in the last 3600 secs
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 00:43:36
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.210.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.210.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 20:43:33.290792 2026] [security2:error] [pid 10943:tid 10943] [client 39.35.210.45:58748] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.210.45 (+1 hits since last alert)|gerrytolentino.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gerrytolentino.net"] [uri "/xmlrpc.php"] [unique_id "albXtdr2agNgzPnga6hRdAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-14 22:28:30
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-14 21:40:37
(3 days ago)
8.145 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-14 18:41:25
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.210.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.210.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 14:41:19.239786 2026] [security2:error] [pid 28826:tid 28826] [client 39.35.210.45:61892] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.210.45 (+1 hits since last alert)|wsffjatc.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wsffjatc.org"] [uri "/xmlrpc.php"] [unique_id "alaCz5E2_EPunZAzkiQ5WAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 18:01:44
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.210.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.210.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 14:01:38.638514 2026] [security2:error] [pid 17590:tid 17590] [client 39.35.210.45:65367] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.210.45 (+1 hits since last alert)|insidepublications.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "insidepublications.com"] [uri "/xmlrpc.php"] [unique_id "alZ5gpemV_FbQ6fUWrzG-AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 17:16:55
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.210.45 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.210.45 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 13:16:50.760801 2026] [security2:error] [pid 23146:tid 23146] [client 39.35.210.45:54571] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.210.45 (+1 hits since last alert)|studiopilates.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "studiopilates.net"] [uri "/xmlrpc.php"] [unique_id "alZvAq1pWTykpeBwKzpgwwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
afleventoffice.com.au
2026-07-14 11:15:16
(3 days ago)
POST /xmlrpc.php HTTP/1.1
Web App Attack