๐ซ๐ท
LRob
2026-07-10 12:51:00
(3 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPr ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com","WordPress.com; https://wordpress.com","Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)","Jetpack by WordPress.com
show less
Brute-Force
Web App Attack
๐ซ๐ท
LRob
2026-07-09 07:00:54
(4 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack/13.0; Wor ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack/13.0; WordPress/6.3; http://site86377509.com","Jetpack/12.5; WordPress/6.3; http://site66409588.com","WordPress.com; https://wordpress.com",
show less
Brute-Force
Web App Attack
๐ซ๐ท
LRob
2026-07-08 15:21:32
(5 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; ht ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["WordPress.com; https://wordpress.com","Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)","Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 11:59:21
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the la ...
show more
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:59:15.193572 2026] [security2:error] [pid 6858:tid 6858] [client 151.15.77.53:60121] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 151.15.77.53 (+1 hits since last alert)|justicehoward.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "justicehoward.com"] [uri "/xmlrpc.php"] [unique_id "ak47k6oLLHpBmDv4VF-fQQAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-08 08:56:49
(5 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 08:32:26
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the la ...
show more
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 04:32:21.754442 2026] [security2:error] [pid 20959:tid 20959] [client 151.15.77.53:62714] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 151.15.77.53 (+1 hits since last alert)|climasyequipos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "climasyequipos.com"] [uri "/xmlrpc.php"] [unique_id "ak4LFcearAtv_OB_cXbYewAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 17:12:11
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the la ...
show more
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 13:12:05.231384 2026] [security2:error] [pid 23802:tid 23821] [client 151.15.77.53:54703] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 151.15.77.53 (+1 hits since last alert)|coloradomountain.homes|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "coloradomountain.homes"] [uri "/xmlrpc.php"] [unique_id "akvh5fDaXpJqfc7erTC44wAAAYs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 16:52:59
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the la ...
show more
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 12:52:54.264184 2026] [security2:error] [pid 31579:tid 31579] [client 151.15.77.53:50256] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 151.15.77.53 (+1 hits since last alert)|globaldentalservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "akvdZnSMVS64tiXf_YmatgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-06 12:25:38
(1 week ago)
(xmlrpc) Failed xmlrpc access from 151.15.77.53 (IT/Italy/15.151.in-addr.arpa): 5 in the last 3600 s ...
show more
(xmlrpc) Failed xmlrpc access from 151.15.77.53 (IT/Italy/15.151.in-addr.arpa): 5 in the last 3600 secs (0-122)
show less
Hacking
๐ซ๐ท
dynamix
2026-07-06 10:42:41
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 07:44:36
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the la ...
show more
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:44:32.825215 2026] [security2:error] [pid 27433:tid 27460] [client 151.15.77.53:65472] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 151.15.77.53 (+1 hits since last alert)|managementlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "managementlaw.com"] [uri "/xmlrpc.php"] [unique_id "aktc4DzFuwRj3Z7rtCKZmAAAAFg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-04 22:27:21
(1 week ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 12:28:23
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the la ...
show more
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 08:28:15.621856 2026] [security2:error] [pid 32336:tid 32336] [client 151.15.77.53:50456] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 151.15.77.53 (+1 hits since last alert)|phoboschildren.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "phoboschildren.com"] [uri "/xmlrpc.php"] [unique_id "akj8X9e3Na4unLBc9ftcmwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 10:12:09
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the la ...
show more
(mod_security) mod_security (id:240335) triggered by 151.15.77.53 (15.151.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 06:12:02.303679 2026] [security2:error] [pid 20330:tid 20330] [client 151.15.77.53:59103] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 151.15.77.53 (+1 hits since last alert)|reelvisionboard.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "reelvisionboard.com"] [uri "/xmlrpc.php"] [unique_id "akjccs_6Xhl80zWGIm89egAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 09:06:03
(1 week ago)
Trying to access config files
Web App Attack