๐ณ๐ฑ
wlt-blocker
2026-06-30 15:40:12
(1 day ago)
Unauthorized access to webpage admin
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-30 15:37:35
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-06-30 14:56:13
(1 day ago)
Attac
Brute-Force
Anonymous
2026-06-30 10:51:23
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฌ๐ง
noise.agency
2026-06-30 06:10:45
(1 day ago)
(wordpress) Failed wordpress login from 36.73.222.101 (ID/Indonesia/-)
Brute-Force
๐ณ๐ฑ
Site.eu
2026-06-29 12:06:14
(2 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
masterguru
2026-06-29 09:03:34
(2 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-29 06:51:43
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 36.73.222.101 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.73.222.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:51:29.836025 2026] [security2:error] [pid 22641:tid 22641] [client 36.73.222.101:49970] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.73.222.101 (+1 hits since last alert)|d-sinema.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d-sinema.com"] [uri "/xmlrpc.php"] [unique_id "akIV8aNA_sMtLuROVeRZsQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 04:24:28
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 36.73.222.101 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.73.222.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:24:16.870739 2026] [security2:error] [pid 4227:tid 4260] [client 36.73.222.101:44273] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.73.222.101 (+1 hits since last alert)|strengthsmatter.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "strengthsmatter.com"] [uri "/xmlrpc.php"] [unique_id "akHzcPLchBdjXQzmEjPzxQAAAYE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-06-28 21:01:49
(3 days ago)
2.062 requests from abuseipdb.com blacklisted IP (1yr3mos1w)
Brute-Force
Bad Web Bot
๐ฉ๐ช
Marc
2026-06-28 20:45:11
(3 days ago)
36.73.222.101 - - [28/Jun/2026:22:44:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3296 "-" "WordPress.c ...
show more
36.73.222.101 - - [28/Jun/2026:22:44:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3296 "-" "WordPress.com; https://wordpress.com" 36.73.222.101 - - [28/Jun/2026:22:44:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "WordPress.com; https://wordpress.com" 36.73.222.101 - - [28/Jun/2026:22:45:10 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3296 "-" "Jetpack by WordPress.com"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 20:17:49
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 36.73.222.101 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.73.222.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:17:33.544976 2026] [security2:error] [pid 19815:tid 19815] [client 36.73.222.101:32287] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.73.222.101 (+1 hits since last alert)|mortuarymessageservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mortuarymessageservices.com"] [uri "/xmlrpc.php"] [unique_id "akGBXfnycMYtfETTYdGWngAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 17:05:29
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 36.73.222.101 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.73.222.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 13:05:20.312499 2026] [security2:error] [pid 10652:tid 10668] [client 36.73.222.101:4943] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.73.222.101 (+1 hits since last alert)|tkfay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tkfay.com"] [uri "/xmlrpc.php"] [unique_id "akFUUK56RYuQn8TAEiMcgAAAAUU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 14:07:50
(3 days ago)
36.73.222.101 - - [28/Jun/2026:16:07:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 750 "-" "Jetpack by W ...
show more
36.73.222.101 - - [28/Jun/2026:16:07:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 750 "-" "Jetpack by WordPress.com"
36.73.222.101 - - [28/Jun/2026:16:07:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com"
36.73.222.101 - - [28/Jun/2026:16:07:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 750 "-" "Jetpack/12.1; WordPress/6.1; http://site54595091.com"
36.73.222.101 - - [28/Jun/2026:16:07:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.1; WordPress/6.1; http://site54595091.com"
36.73.222.101 - - [28/Jun/2026:16:07:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 750 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
...
show less
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-28 11:14:33
(3 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH