๐ซ๐ท
applemooz
2026-07-08 19:46:44
(1 day ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐ฒ๐น
Malta
2026-07-08 19:45:56
(1 day ago)
45.164.122.18 - - [08/Jul/2026:21:45:56 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack by WordPress.com ...
show more
45.164.122.18 - - [08/Jul/2026:21:45:56 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
show less
Hacking
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-08 11:38:02
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ช๐ธ
alferez
2026-07-07 19:06:17
(2 days ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐ฉ๐ช
konseptit
2026-07-07 14:19:27
(2 days ago)
(wordpress) Failed wordpress login from 45.164.122.18 (BR/Brazil/vtek122-18.vtek.net.br)
Brute-Force
Anonymous
2026-07-07 13:50:31
(2 days ago)
[server.tmg.gr] httpd-xmlrpc-post: sites=www.eumedline.com; logs=/var/log/httpd/domains/eumedline.co ...
show more
[server.tmg.gr] httpd-xmlrpc-post: sites=www.eumedline.com; logs=/var/log/httpd/domains/eumedline.com.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ซ๐ท
LRob
2026-07-07 13:48:10
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; ht ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; https://wordpress.com","Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)","Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 11:50:28
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.164.122.18 (vtek122-18.vtek.net.br): 1 in th ...
show more
(mod_security) mod_security (id:240335) triggered by 45.164.122.18 (vtek122-18.vtek.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 07:50:24.630997 2026] [security2:error] [pid 9735:tid 9735] [client 45.164.122.18:5136] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.164.122.18 (+1 hits since last alert)|tracytappan.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tracytappan.net"] [uri "/xmlrpc.php"] [unique_id "akzoAGj1i46_-1Cg2YJDzQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-06 19:16:11
(3 days ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 18:12:50
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 45.164.122.18 (vtek122-18.vtek.net.br): 1 in th ...
show more
(mod_security) mod_security (id:240335) triggered by 45.164.122.18 (vtek122-18.vtek.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 14:12:44.741705 2026] [security2:error] [pid 7298:tid 7298] [client 45.164.122.18:5089] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.164.122.18 (+1 hits since last alert)|rdhtrucking.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rdhtrucking.com"] [uri "/xmlrpc.php"] [unique_id "akvwHPYyKBZwZzFWqNMwVAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 14:33:15
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 45.164.122.18 (vtek122-18.vtek.net.br): 1 in th ...
show more
(mod_security) mod_security (id:240335) triggered by 45.164.122.18 (vtek122-18.vtek.net.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 10:33:10.625309 2026] [security2:error] [pid 6319:tid 6319] [client 45.164.122.18:5395] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.164.122.18 (+1 hits since last alert)|brbcoin.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "brbcoin.com"] [uri "/xmlrpc.php"] [unique_id "aku8pvG2EMfM99nvoT3bMQAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-03 18:16:59
(6 days ago)
2.554 requests from abuseipdb.com blacklisted IP (1yr3mos6d)
Brute-Force
Bad Web Bot
Anonymous
2026-07-03 15:15:14
(6 days ago)
Attac
Brute-Force
๐ฒ๐น
Malta
2026-07-01 19:59:24
(1 week ago)
45.164.122.18 - - [01/Jul/2026:21:59:24 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https://w ...
show more
45.164.122.18 - - [01/Jul/2026:21:59:24 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https://wordpress.com"
show less
Hacking
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-01 17:27:33
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH