π«π·
masterguru
2026-06-28 00:12:44
(6 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
πΊπΈ
TPI-Abuse
2026-06-28 00:10:17
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 20:10:14.236866 2026] [security2:error] [pid 20615:tid 20615] [client 39.35.226.226:42566] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.226.226 (+1 hits since last alert)|oogeothermal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "oogeothermal.com"] [uri "/xmlrpc.php"] [unique_id "akBmZirxuunc5-oVWW9bmgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-06-27 23:33:38
(6 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-06-27 23:32:21
(6 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 22:46:09
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 18:46:05.891188 2026] [security2:error] [pid 21437:tid 21437] [client 39.35.226.226:10497] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.226.226 (+1 hits since last alert)|rodandreelpiercam.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodandreelpiercam.com"] [uri "/xmlrpc.php"] [unique_id "akBSrTRuz_XUNXrvIG0q-wAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΈπͺ
konseptit
2026-06-27 22:44:40
(6 days ago)
(wordpress) Failed wordpress login from 39.35.226.226 (PK/Pakistan/-)
Brute-Force
π«π·
SpaceHost-Server
2026-06-27 22:30:31
(6 days ago)
Brute-Force
Web App Attack
Anonymous
2026-06-27 21:52:35
(6 days ago)
[redacted] 39.35.226.226 - - [27/Jun/2026:23:51:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 39.35.226.226 - - [27/Jun/2026:23:51:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 39.35.226.226 - - [27/Jun/2026:23:51:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.3; http://site64693317.com"
[redacted] 39.35.226.226 - - [27/Jun/2026:23:51:56 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)"
[redacted] 39.35.226.226 - - [27/Jun/2026:23:52:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 39.35.226.226 - - [27/Jun/2026:23:52:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 21:42:12
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 17:42:04.948059 2026] [security2:error] [pid 29939:tid 29939] [client 39.35.226.226:52417] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.226.226 (+1 hits since last alert)|motherlyhomecare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "motherlyhomecare.com"] [uri "/xmlrpc.php"] [unique_id "akBDrJOaWNTv-_UxrzfQFgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 20:35:41
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:35:37.712772 2026] [security2:error] [pid 27892:tid 27892] [client 39.35.226.226:65196] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.226.226 (+1 hits since last alert)|pastorjohndunning.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pastorjohndunning.com"] [uri "/xmlrpc.php"] [unique_id "akA0GQsXFWBccvsoHjXfMAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 20:02:00
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:01:55.254867 2026] [security2:error] [pid 25808:tid 25808] [client 39.35.226.226:49539] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.226.226 (+1 hits since last alert)|bestcostparts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bestcostparts.com"] [uri "/xmlrpc.php"] [unique_id "akAsM0CQIIdHuS_pKMJqvwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
integrantservices.com
2026-06-27 19:05:03
(6 days ago)
(wordpress) Failed wordpress login from 39.35.226.226 (PK/Pakistan/-)
Brute-Force
π«π·
dynamix
2026-06-27 19:04:30
(6 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-27 18:36:57
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.226.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 14:36:54.370584 2026] [security2:error] [pid 14774:tid 14774] [client 39.35.226.226:57817] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.226.226 (+1 hits since last alert)|nuewines.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nuewines.com"] [uri "/xmlrpc.php"] [unique_id "akAYRuJ0maijjVWygUKMMwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 18:28:40
(6 days ago)
Attac
Brute-Force