๐ซ๐ท
dynamix
2026-06-30 13:34:13
(20 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-06-29 16:42:22
(1 day ago)
[redacted] 95.216.206.33 - - [29/Jun/2026:18:41:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ...
show more
[redacted] 95.216.206.33 - - [29/Jun/2026:18:41:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 95.216.206.33 - - [29/Jun/2026:18:41:49 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site92500289.com"
[redacted] 95.216.206.33 - - [29/Jun/2026:18:42:00 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)"
[redacted] 95.216.206.33 - - [29/Jun/2026:18:42:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 95.216.206.33 - - [29/Jun/2026:18:42:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐ฌ๐ง
noise.agency
2026-06-29 14:37:00
(1 day ago)
(wordpress) Failed wordpress login from 95.216.206.33 (FI/Finland/static.33.206.216.95.clients.your- ...
show more
(wordpress) Failed wordpress login from 95.216.206.33 (FI/Finland/static.33.206.216.95.clients.your-server.de)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 10:05:11
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.you ...
show more
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:05:07.936377 2026] [security2:error] [pid 24789:tid 24789] [client 95.216.206.33:39006] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 95.216.206.33 (+1 hits since last alert)|nuewines.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nuewines.com"] [uri "/xmlrpc.php"] [unique_id "akJDU5xDTU6piv-fRtZyDgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 15:35:23
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.you ...
show more
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 11:35:17.304652 2026] [security2:error] [pid 10370:tid 10370] [client 95.216.206.33:41964] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 95.216.206.33 (+1 hits since last alert)|fishleadership.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fishleadership.org"] [uri "/xmlrpc.php"] [unique_id "ajK-tf90kE9S9momrp4RgwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 13:50:38
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.you ...
show more
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 09:50:31.790463 2026] [security2:error] [pid 18599:tid 18599] [client 95.216.206.33:56382] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 95.216.206.33 (+1 hits since last alert)|stlouisdave.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stlouisdave.com"] [uri "/xmlrpc.php"] [unique_id "ajKmJ9fvbzL32PL73N0rrAAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 13:20:39
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.you ...
show more
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 09:20:31.723692 2026] [security2:error] [pid 27715:tid 27715] [client 95.216.206.33:51054] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 95.216.206.33 (+1 hits since last alert)|nekstlevel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nekstlevel.com"] [uri "/xmlrpc.php"] [unique_id "ajKfH1MDcKh9A7vQKHz78gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 22:49:48
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.you ...
show more
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:49:44.283826 2026] [security2:error] [pid 12016:tid 12016] [client 95.216.206.33:47600] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 95.216.206.33 (+1 hits since last alert)|caymancline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "caymancline.com"] [uri "/xmlrpc.php"] [unique_id "aidHCDtmbHhchsALf28W_wAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
applemooz
2026-06-08 11:59:18
(3 weeks ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
Anonymous
2026-06-07 17:16:10
(3 weeks ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-28 14:35:14
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.you ...
show more
(mod_security) mod_security (id:240335) triggered by 95.216.206.33 (static.33.206.216.95.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 10:35:07.440239 2026] [security2:error] [pid 28069:tid 28085] [client 95.216.206.33:43386] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 95.216.206.33 (+1 hits since last alert)|culturallyyours.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "culturallyyours.org"] [uri "/xmlrpc.php"] [unique_id "ahhSm0b-kpbJUxyMiIpDWQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-05-28 13:49:12
(1 month ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack