๐ฉ๐ช
LRob
2026-07-13 05:20:52
(1 day ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; ht ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; https://wordpress.com","Jetpack by WordPress.com","Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)","Jetpack by WordPress.com
show less
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-12 19:29:23
(1 day ago)
5.611 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-12 15:33:28
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.60.80.214 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.60.80.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 11:33:25.028781 2026] [security2:error] [pid 3591:tid 3591] [client 39.60.80.214:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.60.80.214 (+1 hits since last alert)|bbproductionsonline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bbproductionsonline.com"] [uri "/xmlrpc.php"] [unique_id "alOzxTqFwN8Py2S0286JsgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 19:55:05
(3 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ฉ๐ช
rh24
2026-07-10 19:11:59
(3 days ago)
(wordpress) Failed wordpress login from 39.60.80.214 (PK/Pakistan/-): (CF_ENABLE)
Brute-Force
๐ฌ๐ง
consul.to
2026-07-09 05:36:44
(5 days ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 14:09:23
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 39.60.80.214 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.60.80.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 10:09:16.846317 2026] [security2:error] [pid 31182:tid 31182] [client 39.60.80.214:65407] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.60.80.214 (+1 hits since last alert)|casadelsolmexico.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "casadelsolmexico.net"] [uri "/xmlrpc.php"] [unique_id "ak0IjBOgHuOJUTO3ybccZgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 08:11:01
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 39.60.80.214 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.60.80.214 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 04:10:54.008806 2026] [security2:error] [pid 9206:tid 9210] [client 39.60.80.214:65064] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.60.80.214 (+1 hits since last alert)|eceinal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eceinal.com"] [uri "/xmlrpc.php"] [unique_id "aky0jg3UNyM9m0lxXfqLFAAAAME"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
marten_o
2026-07-05 18:25:07
(1 week ago)
39.60.80.214 - - [05/Jul/2026:20:25:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/13.0; ...
show more
39.60.80.214 - - [05/Jul/2026:20:25:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/13.0; WordPress/6.4; http://site96235988.com" 1293 4350
...
show less
Bad Web Bot
Web App Attack
๐ช๐ธ
SweetHoneyPress
2026-07-05 10:44:56
(1 week ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=993751 | UA: WordPress.com; https://wordpress.com
Web App Attack
Brute-Force
Anonymous
2026-07-05 10:31:39
(1 week ago)
Bad Web Bot
Web App Attack
๐ช๐ธ
SweetHoneyPress
2026-07-05 10:29:50
(1 week ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=993661 | UA: Jetpack by WordPress.com (Jetpack 12 ...
show more
WordPress honeypot: POST to /xmlrpc.php | event_id=993661 | UA: Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)
show less
Web App Attack
Brute-Force
Anonymous
2026-07-05 10:03:28
(1 week ago)
[server.tmg.gr] httpd-xmlrpc-post: sites=www.geomed.gr; logs=/var/log/httpd/domains/geomed.gr.log; s ...
show more
[server.tmg.gr] httpd-xmlrpc-post: sites=www.geomed.gr; logs=/var/log/httpd/domains/geomed.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack