๐ซ๐ท
dynamix
2026-07-06 07:27:22
(1 hour ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ท
applemooz
2026-07-05 14:30:24
(18 hours ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 13:31:36
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 09:31:31.459225 2026] [security2:error] [pid 14215:tid 14215] [client 92.241.37.63:64748] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 92.241.37.63 (+1 hits since last alert)|peterjohnsonauthor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "peterjohnsonauthor.com"] [uri "/xmlrpc.php"] [unique_id "akpcs5LXRX5bKvaYEwPLzQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 09:25:58
(23 hours ago)
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 05:25:51.341992 2026] [security2:error] [pid 26058:tid 26058] [client 92.241.37.63:63231] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 92.241.37.63 (+1 hits since last alert)|whiterapperz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whiterapperz.com"] [uri "/xmlrpc.php"] [unique_id "akojHw2k_EZzYfax1ccA_QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-05 08:52:34
(23 hours ago)
(xmlrpc_405) XMLRPC-Bot 405 92.241.37.63 (JO/Jordan/-)
Hacking
๐บ๐ธ
Dolphi
2026-07-04 12:20:05
(1 day ago)
Excessive POST /xmlrpc.php requests
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-04 10:10:45
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ช๐ธ
masterguru
2026-07-04 10:10:19
(1 day ago)
(xmlrpc) Failed xmlrpc access from 92.241.37.63 (JO/Jordan/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-02 15:00:40
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:00:32.682685 2026] [security2:error] [pid 1111:tid 1148] [client 92.241.37.63:60561] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 92.241.37.63 (+1 hits since last alert)|ccgparquitectos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ccgparquitectos.com"] [uri "/xmlrpc.php"] [unique_id "akZ9EOHANrd48_owtWq2hAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 13:58:04
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 09:57:59.916797 2026] [security2:error] [pid 22357:tid 22357] [client 92.241.37.63:59104] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 92.241.37.63 (+1 hits since last alert)|ismaelcavazos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ismaelcavazos.com"] [uri "/xmlrpc.php"] [unique_id "akZuZ7sXFHuKUqbSaS_dRQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-02 12:56:53
(3 days ago)
(wordpress) Failed wordpress login from 92.241.37.63 (JO/Jordan/-): (CF_ENABLE)
Brute-Force
๐ช๐ธ
masterguru
2026-07-02 10:56:01
(3 days ago)
(xmlrpc) Failed xmlrpc access from 92.241.37.63 (JO/Jordan/-): 5 in the last 3600 secs (0-122)
Hacking
๐ณ๐ฑ
BlueWire Hosting
2026-07-02 05:33:08
(4 days ago)
Probing websites for vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 06:38:11
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 92.241.37.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 02:38:05.945681 2026] [security2:error] [pid 22171:tid 22171] [client 92.241.37.63:51077] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 92.241.37.63 (+1 hits since last alert)|gellertdealers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gellertdealers.com"] [uri "/xmlrpc.php"] [unique_id "akS1zYjncuPvKbIq-yoMwQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-06-30 09:01:09
(5 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force