Anonymous
2026-07-17 09:21:52
(10 hours ago)
[redacted] 49.228.157.34 - - [17/Jul/2026:11:21:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 49.228.157.34 - - [17/Jul/2026:11:21:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.3; http://site21438037.com"
[redacted] 49.228.157.34 - - [17/Jul/2026:11:21:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.4; http://site50005377.com"
[redacted] 49.228.157.34 - - [17/Jul/2026:11:21:28 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)"
[redacted] 49.228.157.34 - - [17/Jul/2026:11:21:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 49.228.157.34 - - [17/Jul/2026:11:21:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.4; http://site58535233.com"
...
show less
Hacking
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-17 08:53:45
(10 hours ago)
[DC: IP:151.1.252.27] ntopng alert: blacklisted_server_contact
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 03:04:05
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 49.228.157.34 (49-228-157-0.24.myaisfibre.com): ...
show more
(mod_security) mod_security (id:240335) triggered by 49.228.157.34 (49-228-157-0.24.myaisfibre.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:03:57.903123 2026] [security2:error] [pid 192649:tid 192649] [client 49.228.157.34:55245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.228.157.34 (+1 hits since last alert)|prodosafe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "prodosafe.com"] [uri "/xmlrpc.php"] [unique_id "almbnYmXDzwnQ90iNHGXcgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-17 00:58:22
(18 hours ago)
Wordpress Vunerability attack
Web App Attack
Anonymous
2026-07-16 17:55:22
(1 day ago)
[redacted] 49.228.157.34 - - [16/Jul/2026:19:55:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 49.228.157.34 - - [16/Jul/2026:19:55:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)"
[redacted] 49.228.157.34 - - [16/Jul/2026:19:55:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 49.228.157.34 - - [16/Jul/2026:19:55:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 49.228.157.34 - - [16/Jul/2026:19:55:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)"
[redacted] 49.228.157.34 - - [16/Jul/2026:19:55:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site93447712.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-16 17:25:05
(1 day ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
Anonymous
2026-07-16 06:36:51
(1 day ago)
Fail2ban filtered
...
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-16 00:20:30
(1 day ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-16 00:07:49
(1 day ago)
49.228.157.34 - - [16/Jul/2026:0
...
Brute-Force
Anonymous
2026-07-16 00:07:26
(1 day ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ฉ๐ช
Marc
2026-07-15 12:43:21
(2 days ago)
49.228.157.34 - - [15/Jul/2026:14:43:01 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4841 "-" "WordPress.c ...
show more
49.228.157.34 - - [15/Jul/2026:14:43:01 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4841 "-" "WordPress.com; https://wordpress.com" 49.228.157.34 - - [15/Jul/2026:14:43:11 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4841 "-" "Jetpack/12.5; WordPress/6.3; http://site64821479.com" 49.228.157.34 - - [15/Jul/2026:14:43:20 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4840 "-" "Jetpack by WordPress.com"
show less
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-15 08:16:02
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack