๐บ๐ธ
TPI-Abuse
2026-07-08 04:30:05
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 00:29:50.903846 2026] [security2:error] [pid 10049:tid 10069] [client 36.65.104.136:61131] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.65.104.136 (+1 hits since last alert)|gryphix.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gryphix.com"] [uri "/xmlrpc.php"] [unique_id "ak3SPj2r5P8qteEzUicp5wAAAJI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 00:24:56
(18 hours ago)
(wordpress) Failed wordpress login from 36.65.104.136 (ID/Indonesia/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-07 09:48:35
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 05:48:24.750816 2026] [security2:error] [pid 19627:tid 19627] [client 36.65.104.136:64910] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.65.104.136 (+1 hits since last alert)|lysedzija.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lysedzija.com"] [uri "/xmlrpc.php"] [unique_id "akzLaHmvOh3pk1go_OSHOQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 08:23:49
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 04:23:34.124078 2026] [security2:error] [pid 20036:tid 20036] [client 36.65.104.136:55514] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.65.104.136 (+1 hits since last alert)|eta-mct.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eta-mct.com"] [uri "/xmlrpc.php"] [unique_id "aky3hjNHlrzlEsgnkNQs1QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 07:24:38
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 03:24:21.313212 2026] [security2:error] [pid 17584:tid 17584] [client 36.65.104.136:56746] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.65.104.136 (+1 hits since last alert)|lemoulinavent.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lemoulinavent.org"] [uri "/xmlrpc.php"] [unique_id "akyppbctzGO8mDNzhK_tmwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 01:22:44
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 21:22:31.034777 2026] [security2:error] [pid 21747:tid 21758] [client 36.65.104.136:60076] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.65.104.136 (+1 hits since last alert)|eliteproductions.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eliteproductions.tv"] [uri "/xmlrpc.php"] [unique_id "akxU18tNYbnJGIiTJdNTHgAAAQc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-06 04:35:10
(2 days ago)
Attac
Brute-Force
๐ฉ๐ช
lenz
2026-07-06 03:52:18
(2 days ago)
Jul 6 05:51:36 hosting wordpress(grupa-ddd.pl)[2270]: XML-RPC authentication failure for admin from ...
show more
Jul 6 05:51:36 hosting wordpress(grupa-ddd.pl)[2270]: XML-RPC authentication failure for admin from 36.65.104.136
Jul 6 05:51:46 hosting wordpress(grupa-ddd.pl)[11564]: XML-RPC authentication failure for admin from 36.65.104.136
Jul 6 05:51:56 hosting wordpress(grupa-ddd.pl)[1201]: XML-RPC authentication failure for admin from 36.65.104.136
Jul 6 05:52:07 hosting wordpress(grupa-ddd.pl)[6431]: XML-RPC authentication failure for admin from 36.65.104.136
Jul 6 05:52:17 hosting wordpress(grupa-ddd.pl)[1204]: XML-RPC authentication failure for admin from 36.65.104.136
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 02:53:26
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 22:53:10.165974 2026] [security2:error] [pid 15699:tid 15699] [client 36.65.104.136:61037] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.65.104.136 (+1 hits since last alert)|evelynkay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "evelynkay.com"] [uri "/xmlrpc.php"] [unique_id "aksYlkqgYR9JrcySirfwcgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-06 01:18:22
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 04:38:03
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:37:47.832262 2026] [security2:error] [pid 26711:tid 26711] [client 36.65.104.136:58759] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.65.104.136 (+1 hits since last alert)|morninginc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "morninginc.com"] [uri "/xmlrpc.php"] [unique_id "akiOG9HFjpyg_bBkLCQ3VgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 02:34:51
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 22:34:35.647245 2026] [security2:error] [pid 3164:tid 3164] [client 36.65.104.136:52881] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.65.104.136 (+1 hits since last alert)|truthsabouthealthcare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "truthsabouthealthcare.com"] [uri "/xmlrpc.php"] [unique_id "akcfu51dJG3kKzcbwnIdRAAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 01:32:41
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.65.104.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 21:32:27.433811 2026] [security2:error] [pid 2567:tid 2567] [client 36.65.104.136:49606] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.65.104.136 (+1 hits since last alert)|avvmarchetticollini.it|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avvmarchetticollini.it"] [uri "/xmlrpc.php"] [unique_id "akcRK-AtR5P7Gyu9fbNRpAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-02 00:09:07
(6 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ฑ๐ป
garmtech.com
2026-07-01 02:05:53
(1 week ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS
Web App Attack