π©πͺ
stinpriza
2026-07-08 19:35:15
(23 hours ago)
Web App Attack
Web App Attack
π³π±
Site.eu
2026-07-08 18:33:25
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
π«π·
LRob
2026-07-08 09:58:15
(1 day ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; ht ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; https://wordpress.com","Jetpack by WordPress.com","Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)"]
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-06 20:00:24
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 96.9.148.214 (static-host-96-9-148-214.awasr.om ...
show more
(mod_security) mod_security (id:240335) triggered by 96.9.148.214 (static-host-96-9-148-214.awasr.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 16:00:17.709123 2026] [security2:error] [pid 9582:tid 9582] [client 96.9.148.214:53172] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 96.9.148.214 (+1 hits since last alert)|nidusmbt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nidusmbt.com"] [uri "/xmlrpc.php"] [unique_id "akwJUfkdHNq4FuCkItPNHgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-07-05 10:16:04
(4 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-07-03 20:30:00
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 96.9.148.214 (static-host-96-9-148-214.awasr.om ...
show more
(mod_security) mod_security (id:240335) triggered by 96.9.148.214 (static-host-96-9-148-214.awasr.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:29:54.715697 2026] [security2:error] [pid 8647:tid 8647] [client 96.9.148.214:50584] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 96.9.148.214 (+1 hits since last alert)|bosdkbook.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bosdkbook.com"] [uri "/xmlrpc.php"] [unique_id "akgbwqB3h3XzREgruQ9aYQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
alferez
2026-07-03 11:56:20
(6 days ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
πΊπΈ
TAY
2026-07-03 11:40:50
(6 days ago)
96.9.148.214 - - [03/Jul/2026:19:40:29 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "WordPress.co ...
show more
96.9.148.214 - - [03/Jul/2026:19:40:29 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "WordPress.com; https://wordpress.com"
96.9.148.214 - - [03/Jul/2026:19:40:39 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "WordPress.com; https://wordpress.com"
96.9.148.214 - - [03/Jul/2026:19:40:49 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "WordPress.com; https://wordpress.com"
...
show less
Brute-Force
π«π·
tecnicorioja
2026-07-01 22:00:25
(1 week ago)
POST /xmlrpc.php [01/Jul/2026:05:16:38
Brute-Force
Web App Attack
π«π·
dynamix
2026-06-28 20:08:42
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π³π±
debestelapp
2026-06-27 19:25:06
(1 week ago)
Web App Attack
Anonymous
2026-06-26 20:45:36
(1 week ago)
(wordpress) Failed wordpress login from 96.9.148.214 (OM/Oman/static-host-96-9-148-214.awasr.om)
Brute-Force
π³π±
Site.eu
2026-06-26 09:44:14
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-06-23 15:40:45
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 96.9.148.214 (static-host-96-9-148-214.awasr.om ...
show more
(mod_security) mod_security (id:240335) triggered by 96.9.148.214 (static-host-96-9-148-214.awasr.om): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 11:40:40.099716 2026] [security2:error] [pid 996:tid 996] [client 96.9.148.214:10155] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 96.9.148.214 (+1 hits since last alert)|d-sinema.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d-sinema.com"] [uri "/xmlrpc.php"] [unique_id "ajqo-EcLcbVTXntdW2lHIgAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-06-23 15:39:45
(2 weeks ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH