๐บ๐ธ
TPI-Abuse
2026-07-11 04:49:54
(22 hours ago)
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 00:49:38.388088 2026] [security2:error] [pid 11551:tid 11551] [client 36.81.171.175:54674] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.81.171.175 (+1 hits since last alert)|rootsofwellnessayurveda.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rootsofwellnessayurveda.com"] [uri "/xmlrpc.php"] [unique_id "alHLYmox3eCogxarv2No_AAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 04:19:22
(22 hours ago)
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 00:19:11.365914 2026] [security2:error] [pid 9687:tid 9687] [client 36.81.171.175:61042] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.81.171.175 (+1 hits since last alert)|anthonyanimalclinic.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "anthonyanimalclinic.net"] [uri "/xmlrpc.php"] [unique_id "alHEP75fejWbu_RGucVRtQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-11 02:46:55
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-10 00:34:53
(2 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
ID/Indonesia/-
Web App Attack
Anonymous
2026-07-09 07:18:05
(2 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 03:01:55
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 23:01:44.392337 2026] [security2:error] [pid 3386:tid 3390] [client 36.81.171.175:63447] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.81.171.175 (+1 hits since last alert)|hooknpatch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hooknpatch.com"] [uri "/xmlrpc.php"] [unique_id "ak8PGHGGR-bPXdr6jxEF8gAAAII"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-07-09 02:00:25
(3 days ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 06:03:28
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 02:03:17.459620 2026] [security2:error] [pid 6105:tid 6105] [client 36.81.171.175:52223] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.81.171.175 (+1 hits since last alert)|midway-island.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "midway-island.com"] [uri "/xmlrpc.php"] [unique_id "ak3oJQM9Kl_NQBoRkDqexgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 06:02:13
(3 days ago)
36.81.171.175 - - [08/Jul/2026:08:01:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
36.81.171.175 - - ...
show more
36.81.171.175 - - [08/Jul/2026:08:01:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
36.81.171.175 - - [08/Jul/2026:08:02:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
...
show less
Brute-Force
Bad Web Bot
๐ฌ๐ง
NotCool
2026-07-08 05:41:20
(3 days ago)
(XMLRPC) WP XMLPRC Attack 36.81.171.175 (ID/Indonesia/-): 50 in the last 3600 secs
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 03:21:51
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 36.81.171.175 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 23:21:39.958533 2026] [security2:error] [pid 8826:tid 8826] [client 36.81.171.175:61049] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 36.81.171.175 (+1 hits since last alert)|saynotoofland.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "saynotoofland.org"] [uri "/xmlrpc.php"] [unique_id "ak3CQ6YfMpGlRGFYU-FjeQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
grassau.com
2026-07-07 05:39:31
(4 days ago)
(wordpress) Failed wordpress login from 36.81.171.175 (ID/Indonesia/East Java/Surabaya/-)
Brute-Force