๐บ๐ธ
TPI-Abuse
2026-07-02 23:56:35
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 39.35.215.92 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.215.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 19:56:30.327978 2026] [security2:error] [pid 19910:tid 19910] [client 39.35.215.92:20978] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.215.92 (+1 hits since last alert)|travelwithjenniferb.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "travelwithjenniferb.com"] [uri "/xmlrpc.php"] [unique_id "akb6rq7mzekkc4tdgd_TlQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-02 23:54:58
(20 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ณ๐ฑ
wlt-blocker
2026-07-02 23:33:38
(21 hours ago)
Unauthorized access to webpage admin
Web App Attack
Anonymous
2026-07-02 22:54:43
(21 hours ago)
Attac
Brute-Force
๐ฉ๐ช
pscriptos
2026-07-02 22:50:03
(21 hours ago)
{"ClientAddr":"39.35.215.92:36298","ClientHost":"39.35.215.92","ClientPort":"36298","ClientUsername" ...
show more
{"ClientAddr":"39.35.215.92:36298","ClientHost":"39.35.215.92","ClientPort":"36298","ClientUsername":"-","DownstreamContentSize":418,"DownstreamStatus":403,"Duration":129226785,"OriginContentSize":418,"OriginDuration":125712132,"OriginStatus":403,"Overhead":3514653,"RequestAddr":"www.cleveradmin.de","RequestContentSize":711,"RequestCount":151506,"RequestHost":"www.cleveradmin.de","RequestMethod":"POST","RequestPath":"/xmlrpc.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"RouterName":"cleveradmin-www-websecure@file","ServiceAddr":"172.16.80.10:80","ServiceName":"cleveradmin-www@file","ServiceURL":"http://172.16.80.10:80","StartLocal":"2026-07-03T00:49:42.380374144+02:00","StartUTC":"2026-07-02T22:49:42.380374144Z","TLSCipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLSVersion":"1.2","entryPointName":"websecure","level":"info","msg":"","time":"2026-07-03T00:49:42+02:00"}
{"ClientAddr":"39.35.215.92:36298","ClientHost":"39.35.215.92","Clien
...
show less
Brute-Force
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-02 22:38:50
(22 hours ago)
39.35.215.92 - - [03/Jul/2026:00:38:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "WordPress.co ...
show more
39.35.215.92 - - [03/Jul/2026:00:38:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "WordPress.com; https://wordpress.com"
39.35.215.92 - - [03/Jul/2026:00:38:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com"
39.35.215.92 - - [03/Jul/2026:00:38:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "WordPress.com; https://wordpress.com"
show less
Hacking
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-02 22:23:19
(22 hours ago)
39.35.215.92 - - [03/Jul/2026:00:22:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by W ...
show more
39.35.215.92 - - [03/Jul/2026:00:22:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com"
39.35.215.92 - - [03/Jul/2026:00:23:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)"
39.35.215.92 - - [03/Jul/2026:00:23:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 6476 "-" "Jetpack/13.0; WordPress/6.4; http://site73269923.com"
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-07-02 21:49:23
(22 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-02 21:37:52
(23 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
PK/Pakistan/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 21:36:58
(23 hours ago)
(mod_security) mod_security (id:240335) triggered by 39.35.215.92 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.215.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:36:52.859663 2026] [security2:error] [pid 16222:tid 16222] [client 39.35.215.92:34887] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.215.92 (+1 hits since last alert)|motherlyhomecare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "motherlyhomecare.com"] [uri "/xmlrpc.php"] [unique_id "akbZ9CUIRW5v0bNQPfecpgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-02 21:00:10
(23 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-02 20:47:38
(1 day ago)
(wordpress) Failed wordpress login from 39.35.215.92 (PK/Pakistan/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-02 19:45:40
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.35.215.92 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.215.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:45:36.988593 2026] [security2:error] [pid 18959:tid 18966] [client 39.35.215.92:46436] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.215.92 (+1 hits since last alert)|aclarityforensics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aclarityforensics.com"] [uri "/xmlrpc.php"] [unique_id "aka_4C1S5xyN0NaPeKYMSwAAAQQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-01-18 04:28:57
(5 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐ญ๐บ
szir
2026-01-18 02:38:05
(5 months ago)
Portscan detected
Port Scan