Anonymous
2026-06-30 20:28:10
(1 hour ago)
Attac
Brute-Force
๐ซ๐ฎ
YF
2026-06-30 13:01:49
(8 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
Anonymous
2026-06-29 15:23:03
(1 day ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-29 12:32:15
(1 day ago)
Unauthorized access to webpage admin
Web App Attack
๐ฉ๐ช
rh24
2026-06-28 15:56:55
(2 days ago)
(xmlrpc_405) XMLRPC-Bot 405 41.46.17.164 (EG/Egypt/-)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-28 15:00:21
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 41.46.17.164 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.46.17.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 11:00:15.450329 2026] [security2:error] [pid 14615:tid 14615] [client 41.46.17.164:12444] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.46.17.164 (+1 hits since last alert)|visionremota.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "visionremota.info"] [uri "/xmlrpc.php"] [unique_id "akE2_4w5xHSNOm0u-8seuwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-28 14:26:15
(2 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฆ๐บ
paulshipley.com.au
2026-06-28 13:28:20
(2 days ago)
paulshipley.info:443 41.46.17.164 - - [28/Jun/2026:23:23:14 +1000] "POST /xmlrpc.php HTTP/1.1" 503 2 ...
show more
paulshipley.info:443 41.46.17.164 - - [28/Jun/2026:23:23:14 +1000] "POST /xmlrpc.php HTTP/1.1" 503 23837 "-" "Jetpack by WordPress.com"
paulshipley.info:443 41.46.17.164 - - [28/Jun/2026:23:23:24 +1000] "POST /xmlrpc.php HTTP/1.1" 503 22774 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
paulshipley.info:443 41.46.17.164 - - [28/Jun/2026:23:23:35 +1000] "POST /xmlrpc.php HTTP/1.1" 503 22774 "-" "WordPress.com; https://wordpress.com"
paulshipley.info:443 41.46.17.164 - - [28/Jun/2026:23:23:45 +1000] "POST /xmlrpc.php HTTP/1.1" 503 22773 "-" "Jetpack/12.0; WordPress/6.1; http://site91327983.com"
paulshipley.info:443 41.46.17.164 - - [28/Jun/2026:23:23:56 +1000] "POST /xmlrpc.php HTTP/1.1" 503 22775 "-" "WordPress.com; https://wordpress.com"
paulshipley.info:443 41.46.17.164 - - [28/Jun/2026:23:24:06 +1000] "POST /xmlrpc.php HTTP/1.1" 503 22774 "-" "Jetpack/12.1; WordPress/6.1; http://site91201637.com"
paulshipley.info:443 41.46.17.164 - - [28/Jun/2026:23:24:17 +1000] "POST /
...
show less
Web App Attack
๐ฉ๐ช
Tha_14
2026-06-28 12:54:16
(2 days ago)
Limit on login attempts is reached
Brute-Force
๐ซ๐ท
applemooz
2026-06-28 12:53:38
(2 days ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐ฉ๐ช
netclix.gr
2026-06-28 12:22:30
(2 days ago)
(wordpress) Failed wordpress login from 41.46.17.164 (EG/Egypt/-): (CF_ENABLE)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-28 11:22:20
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 41.46.17.164 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.46.17.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:22:15.371797 2026] [security2:error] [pid 19835:tid 19835] [client 41.46.17.164:11273] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.46.17.164 (+1 hits since last alert)|fundaciondamashcc.org.ec|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundaciondamashcc.org.ec"] [uri "/xmlrpc.php"] [unique_id "akED53qXcuediqgJvBqzAgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-06-28 07:37:24
(2 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
EG/Egypt/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 07:09:35
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 41.46.17.164 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.46.17.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 03:09:31.368976 2026] [security2:error] [pid 10656:tid 10656] [client 41.46.17.164:10814] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.46.17.164 (+1 hits since last alert)|brianwhitty.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "brianwhitty.com"] [uri "/xmlrpc.php"] [unique_id "akDIq1s7wmFsLPOaHk4DsgAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 20:39:40
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 41.46.17.164 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.46.17.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:39:36.421403 2026] [security2:error] [pid 16561:tid 16561] [client 41.46.17.164:16063] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.46.17.164 (+1 hits since last alert)|enriquejezik.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "enriquejezik.com"] [uri "/xmlrpc.php"] [unique_id "akA1CFzx9EML00hbz7Xx1gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack