๐บ๐ธ
TPI-Abuse
2026-07-12 00:54:01
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 137.255.137.150 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 137.255.137.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 20:53:53.358048 2026] [security2:error] [pid 16794:tid 16794] [client 137.255.137.150:13243] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.255.137.150 (+1 hits since last alert)|swinjury.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "swinjury.co"] [uri "/xmlrpc.php"] [unique_id "alLloUjrcun8l8Qzrwc3fwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 22:11:12
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 137.255.137.150 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 137.255.137.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 18:11:07.015225 2026] [security2:error] [pid 2984241:tid 2984241] [client 137.255.137.150:60220] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.255.137.150 (+1 hits since last alert)|richmondrents.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "richmondrents.com"] [uri "/xmlrpc.php"] [unique_id "alK_e27KdvuBCR08MdN3kAAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
NotCool
2026-07-11 20:10:02
(1 day ago)
(XMLRPC) WP XMLPRC Attack 137.255.137.150 (BJ/Benin/-): 50 in the last 3600 secs
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 20:02:22
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 137.255.137.150 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 137.255.137.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 16:02:17.351980 2026] [security2:error] [pid 15431:tid 15431] [client 137.255.137.150:64385] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.255.137.150 (+1 hits since last alert)|kathydumesnilart.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kathydumesnilart.com"] [uri "/xmlrpc.php"] [unique_id "alKhSQXlxj7TKCe6B3xrTQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
factor1
2026-07-11 19:30:09
(1 day ago)
Fail2ban at saturn Reports Abuse.
Brute-Force
Web App Attack
Anonymous
2026-07-11 19:30:09
(1 day ago)
137.255.137.150 - - [11/Jul/2026:21:29:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 750 "-" "Jetpack by ...
show more
137.255.137.150 - - [11/Jul/2026:21:29:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 750 "-" "Jetpack by WordPress.com"
137.255.137.150 - - [11/Jul/2026:21:29:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com"
137.255.137.150 - - [11/Jul/2026:21:29:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 750 "-" "WordPress.com; https://wordpress.com"
137.255.137.150 - - [11/Jul/2026:21:29:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com"
137.255.137.150 - - [11/Jul/2026:21:30:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 750 "-" "Jetpack by WordPress.com"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 09:22:12
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 137.255.137.150 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 137.255.137.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 05:22:06.630217 2026] [security2:error] [pid 30817:tid 30817] [client 137.255.137.150:49266] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 137.255.137.150 (+1 hits since last alert)|edgebiopharma.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edgebiopharma.com"] [uri "/xmlrpc.php"] [unique_id "alILPsHHWUpqYlyQu89o1gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-11 02:49:31
(2 days ago)
(xmlrpc) Failed xmlrpc access from 137.255.137.150 (BJ/Benin/-): 5 in the last 3600 secs (0-122)
Hacking
๐ฎ๐น
VHosting
2025-12-23 14:30:31
(6 months ago)
Detected attack and reported by a human
DDoS Attack
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
SSH