π©πͺ
neckaralb-admin.de
2026-07-12 00:31:35
(18 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-12 00:02:11
(18 hours ago)
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 20:02:06.726202 2026] [security2:error] [pid 31738:tid 31738] [client 39.35.238.245:50096] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.238.245 (+1 hits since last alert)|rame-int.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rame-int.com"] [uri "/xmlrpc.php"] [unique_id "alLZfgFhBdOrspNGdYXV8gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
integrantservices.com
2026-07-11 18:18:14
(1 day ago)
(wordpress) Failed wordpress login from 39.35.238.245 (PK/Pakistan/-)
Brute-Force
π«π·
applemooz
2026-07-11 18:16:52
(1 day ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
π§πͺ
cmbplf
2026-07-11 00:45:56
(1 day ago)
3.494 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-10 23:38:16
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 19:38:13.647054 2026] [security2:error] [pid 27429:tid 27429] [client 39.35.238.245:59610] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.238.245 (+1 hits since last alert)|calvaryadminservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "calvaryadminservices.com"] [uri "/xmlrpc.php"] [unique_id "alGCZYZeb7GWiXJJt0uqYQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-10 23:22:28
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 19:22:21.196352 2026] [security2:error] [pid 10929:tid 10929] [client 39.35.238.245:64339] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.238.245 (+1 hits since last alert)|starsmogsandiego.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "starsmogsandiego.com"] [uri "/xmlrpc.php"] [unique_id "alF-rcdB4xuQBhYvjW_9AwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
WeekendWeb
2026-07-10 21:49:34
(1 day ago)
Wordpress Vunerability attack
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-10 18:46:28
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 14:46:25.011384 2026] [security2:error] [pid 9855:tid 9855] [client 39.35.238.245:57271] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.238.245 (+1 hits since last alert)|anamericanabroad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "anamericanabroad.com"] [uri "/xmlrpc.php"] [unique_id "alE-AdC2ekHhwrWHkIMkXAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 18:14:01
(2 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
π«π·
dynamix
2026-07-10 18:13:33
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π«π·
masterguru
2026-07-10 17:23:42
(2 days ago)
(xmlrpc) Apache: Failed xmlrpc access from 39.35.238.245 (PK/Pakistan/-): 10 in the last 3600 secs ( ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 39.35.238.245 (PK/Pakistan/-): 10 in the last 3600 secs (0-201)
show less
Hacking
πΊπΈ
TPI-Abuse
2026-07-09 23:13:29
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 19:13:22.364117 2026] [security2:error] [pid 27626:tid 27626] [client 39.35.238.245:32213] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.238.245 (+1 hits since last alert)|tonytremblayauthor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tonytremblayauthor.com"] [uri "/xmlrpc.php"] [unique_id "alArEvF9D6Xi83eDh6nQhwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 22:42:08
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.35.238.245 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 18:42:05.142154 2026] [security2:error] [pid 18407:tid 18407] [client 39.35.238.245:58537] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.35.238.245 (+1 hits since last alert)|broneksuchanek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "broneksuchanek.com"] [uri "/xmlrpc.php"] [unique_id "alAjvYSFVK_hMrm277OkFAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
IndigoRidge
2026-07-09 22:37:38
(2 days ago)
39.35.238.245 - - [09/Jul/2026:18:36:53 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "Jetpack by ...
show more
39.35.238.245 - - [09/Jul/2026:18:36:53 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)"
39.35.238.245 - - [09/Jul/2026:18:37:04 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "Jetpack by WordPress.com"
39.35.238.245 - - [09/Jul/2026:18:37:15 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
39.35.238.245 - - [09/Jul/2026:18:37:25 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "WordPress.com; https://wordpress.com"
39.35.238.245 - - [09/Jul/2026:18:37:36 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "Jetpack by WordPress.com"
...
show less
Web App Attack