Anonymous
2026-07-15 06:37:24
(2 hours ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-14 22:21:45
(10 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 16:48:14
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 12:48:11.059390 2026] [security2:error] [pid 29573:tid 29573] [client 150.129.168.30:56898] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 150.129.168.30 (+1 hits since last alert)|certifiedfarmersmarkets.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "certifiedfarmersmarkets.org"] [uri "/xmlrpc.php"] [unique_id "alZoSw8H5cF7nfkqRYlrDQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-14 15:13:27
(17 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TAY
2026-07-14 08:53:26
(23 hours ago)
150.129.168.30 - - [14/Jul/2026:16:53:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6449 "-" "WordPress. ...
show more
150.129.168.30 - - [14/Jul/2026:16:53:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6449 "-" "WordPress.com; https://wordpress.com"
150.129.168.30 - - [14/Jul/2026:16:53:15 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6449 "-" "Jetpack/12.5; WordPress/6.1; http://site41916899.com"
150.129.168.30 - - [14/Jul/2026:16:53:26 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6449 "-" "Jetpack/12.5; WordPress/6.1; http://site60994847.com"
...
show less
Brute-Force
Anonymous
2026-07-14 08:53:06
(23 hours ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 06:16:06
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 02:16:01.270483 2026] [security2:error] [pid 31545:tid 31545] [client 150.129.168.30:56821] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 150.129.168.30 (+1 hits since last alert)|bikinitweets.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bikinitweets.com"] [uri "/xmlrpc.php"] [unique_id "alXUISIyGBq1pHqMk78rXQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 05:43:13
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 01:43:08.083286 2026] [security2:error] [pid 16488:tid 16488] [client 150.129.168.30:57134] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 150.129.168.30 (+1 hits since last alert)|arellasoc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "arellasoc.com"] [uri "/xmlrpc.php"] [unique_id "alXMbKix_b-Pfe_RHWMpnQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 02:57:46
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 22:57:39.829317 2026] [security2:error] [pid 18358:tid 18358] [client 150.129.168.30:56978] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 150.129.168.30 (+1 hits since last alert)|vrevgaming.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vrevgaming.net"] [uri "/xmlrpc.php"] [unique_id "alWloytgL4D0XysEnZCUIQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 12:30:51
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 150.129.168.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 08:30:43.276413 2026] [security2:error] [pid 1560:tid 1560] [client 150.129.168.30:55596] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 150.129.168.30 (+1 hits since last alert)|wokedreamer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wokedreamer.com"] [uri "/xmlrpc.php"] [unique_id "alTac-e04Mpl1yccPRBOEgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 12:07:05
(1 day ago)
(PERMBLOCK) 150.129.168.30 (IN/India/-) has had more than 4 temp blocks
Hacking
Anonymous
2026-07-13 11:50:59
(1 day ago)
(wordpress) Failed wordpress login from 150.129.168.30 (IN/India/-)
Brute-Force
๐ฉ๐ช
LRob
2026-07-13 09:46:33
(1 day ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPr ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)","Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)","WordPress.com; https://wordpress.c
show less
Brute-Force
Web App Attack
๐ฉ๐ช
PHAM
2026-07-13 04:15:37
(2 days ago)
Shield Guard: Blocklist: IP signalรฉe (blocklist_de) | Chemin suspect: /xmlrpc.php | xmlrpc.php bloqu ...
show more
Shield Guard: Blocklist: IP signalรฉe (blocklist_de) | Chemin suspect: /xmlrpc.php | xmlrpc.php bloquรฉ
show less
Port Scan
๐ฉ๐ช
ghostwarriors
2026-07-13 02:50:16
(2 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack