Anonymous
2026-07-17 01:09:35
(10 hours ago)
[redacted] 37.6.162.217 - - [17/Jul/2026:03:07:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Wo ...
show more
[redacted] 37.6.162.217 - - [17/Jul/2026:03:07:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 37.6.162.217 - - [17/Jul/2026:03:08:41 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 37.6.162.217 - - [17/Jul/2026:03:09:02 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)"
[redacted] 37.6.162.217 - - [17/Jul/2026:03:09:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 37.6.162.217 - - [17/Jul/2026:03:09:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:42:24
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:42:17.578010 2026] [security2:error] [pid 17473:tid 17473] [client 37.6.162.217:37127] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.6.162.217 (+1 hits since last alert)|lgbtqhistoryinaustin.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lgbtqhistoryinaustin.org"] [uri "/xmlrpc.php"] [unique_id "alkmCUP0flQXiZMIst7jTwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 18:38:27
(17 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-16 07:53:38
(1 day ago)
[redacted] 37.6.162.217 - - [16/Jul/2026:09:52:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ...
show more
[redacted] 37.6.162.217 - - [16/Jul/2026:09:52:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site34631980.com"
[redacted] 37.6.162.217 - - [16/Jul/2026:09:53:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 37.6.162.217 - - [16/Jul/2026:09:53:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 37.6.162.217 - - [16/Jul/2026:09:53:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 37.6.162.217 - - [16/Jul/2026:09:53:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐ซ๐ท
masterguru
2026-07-16 05:17:29
(1 day ago)
(xmlrpc) Apache: Failed xmlrpc access from 37.6.162.217 (GR/Greece/adsl-217.37.6.162.tellas.gr): 10 ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 37.6.162.217 (GR/Greece/adsl-217.37.6.162.tellas.gr): 10 in the last 3600 secs (0-201)
show less
Hacking
๐ธ๐ช
vaia.cloud
2026-07-16 02:38:04
(1 day ago)
trying wp-login.php/xmlrpc.php 34 times in 1 minutes
Brute-Force
Web App Attack
Anonymous
2026-07-15 22:02:02
(1 day ago)
[redacted] 37.6.162.217 - - [16/Jul/2026:00:01:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Je ...
show more
[redacted] 37.6.162.217 - - [16/Jul/2026:00:01:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
[redacted] 37.6.162.217 - - [16/Jul/2026:00:01:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)"
[redacted] 37.6.162.217 - - [16/Jul/2026:00:01:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
[redacted] 37.6.162.217 - - [16/Jul/2026:00:01:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)"
[redacted] 37.6.162.217 - - [16/Jul/2026:00:02:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack/12.5; WordPress/6.4; http://site21103361.com"
...
show less
Hacking
Web App Attack
๐ฉ๐ช
konseptit
2026-07-15 22:00:58
(1 day ago)
(wordpress) Failed wordpress login from 37.6.162.217 (GR/Greece/adsl-217.37.6.162.tellas.gr)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-15 00:37:22
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 20:37:15.627922 2026] [security2:error] [pid 30333:tid 30333] [client 37.6.162.217:29005] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.6.162.217 (+1 hits since last alert)|csm-dtc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "csm-dtc.com"] [uri "/xmlrpc.php"] [unique_id "albWO8_Spcgj1wU0iNWdhAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 19:26:55
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:26:47.801862 2026] [security2:error] [pid 4015468:tid 4015468] [client 37.6.162.217:1686] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.6.162.217 (+1 hits since last alert)|richmondrents.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "richmondrents.com"] [uri "/xmlrpc.php"] [unique_id "alaNd4nGshxT6SvS1a8sEAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-13 11:57:25
(3 days ago)
37.6.162.217 - - [13/Jul/2026:07:55:07 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5701 "-" "WordPress.co ...
show more
37.6.162.217 - - [13/Jul/2026:07:55:07 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5701 "-" "WordPress.com; https://wordpress.com"
37.6.162.217 - - [13/Jul/2026:07:56:21 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5701 "-" "WordPress.com; https://wordpress.com"
37.6.162.217 - - [13/Jul/2026:07:57:03 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5701 "-" "WordPress.com; https://wordpress.com"
37.6.162.217 - - [13/Jul/2026:07:57:14 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5701 "-" "WordPress.com; https://wordpress.com"
37.6.162.217 - - [13/Jul/2026:07:57:24 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5701 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐ฉ๐ช
rh24
2026-07-12 21:54:32
(4 days ago)
(xmlrpc_405) XMLRPC-Bot 405 37.6.162.217 (GR/Greece/adsl-217.37.6.162.tellas.gr)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-12 18:19:05
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 14:18:57.781707 2026] [security2:error] [pid 539:tid 539] [client 37.6.162.217:50236] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.6.162.217 (+1 hits since last alert)|travelwithjenniferb.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "travelwithjenniferb.com"] [uri "/xmlrpc.php"] [unique_id "alPakQJ3dGS_W0yzJ-sj0AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 17:53:28
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (adsl-217.37.6.162.tellas.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 13:53:22.987739 2026] [security2:error] [pid 30156:tid 30156] [client 37.6.162.217:2495] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.6.162.217 (+1 hits since last alert)|talkingmess.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "talkingmess.com"] [uri "/xmlrpc.php"] [unique_id "alPUknSjvcQ0eu-aOXw6wwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Apache
2026-07-12 17:22:48
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (GR/Greece/adsl-217.37.6.162.tella ...
show more
(mod_security) mod_security (id:240335) triggered by 37.6.162.217 (GR/Greece/adsl-217.37.6.162.tellas.gr): 5 in the last 300 secs
show less
Brute-Force
Web App Attack