๐บ๐ธ
TPI-Abuse
2026-07-08 11:39:52
(18 hours ago)
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:39:45.400505 2026] [security2:error] [pid 23731:tid 23731] [client 154.119.85.66:54018] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.119.85.66 (+1 hits since last alert)|citizensforsanity.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "citizensforsanity.com"] [uri "/xmlrpc.php"] [unique_id "ak43AfiFYZREox0qZN_INAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-08 10:36:20
(19 hours ago)
(wordpress) Failed wordpress login from 154.119.85.66 (ZW/Zimbabwe/-)
Brute-Force
๐ซ๐ท
dynamix
2026-07-08 09:33:04
(20 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-07-08 07:00:37
(22 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ฉ๐ช
Marc
2026-07-07 14:19:29
(1 day ago)
154.119.85.66 - - [07/Jul/2026:16:19:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3672 "-" "Jetpack by ...
show more
154.119.85.66 - - [07/Jul/2026:16:19:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3672 "-" "Jetpack by WordPress.com" 154.119.85.66 - - [07/Jul/2026:16:19:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3720 "-" "Jetpack by WordPress.com" 154.119.85.66 - - [07/Jul/2026:16:19:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3718 "-" "Jetpack/13.0; WordPress/6.3; http://site73481693.com"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 13:53:14
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 09:53:07.819412 2026] [security2:error] [pid 10469:tid 10469] [client 154.119.85.66:61936] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.119.85.66 (+1 hits since last alert)|slattery-law.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "slattery-law.com"] [uri "/xmlrpc.php"] [unique_id "ak0Ew-4cPzn_jDOzlCe-bQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 13:59:37
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 09:59:30.018549 2026] [security2:error] [pid 27724:tid 27724] [client 154.119.85.66:54545] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.119.85.66 (+1 hits since last alert)|rohanbyles.com.au|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rohanbyles.com.au"] [uri "/xmlrpc.php"] [unique_id "aku0wjG7Alip_Fhv1JV4FgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TAY
2026-07-06 07:09:06
(2 days ago)
154.119.85.66 - - [06/Jul/2026:15:08:46 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6341 "-" "Jetpack/12. ...
show more
154.119.85.66 - - [06/Jul/2026:15:08:46 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6341 "-" "Jetpack/12.0; WordPress/6.3; http://site10548613.com"
154.119.85.66 - - [06/Jul/2026:15:08:55 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6341 "-" "WordPress.com; https://wordpress.com"
154.119.85.66 - - [06/Jul/2026:15:09:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6341 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 06:10:45
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 02:10:36.481216 2026] [security2:error] [pid 11441:tid 11441] [client 154.119.85.66:60275] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.119.85.66 (+1 hits since last alert)|thepercussionworks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thepercussionworks.com"] [uri "/xmlrpc.php"] [unique_id "aktG3BWZp6xbRE-6lSz5mgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
elcruzado.es
2026-07-06 05:36:21
(3 days ago)
(wordpress) Failed wordpress login from 154.119.85.66 (ZW/Zimbabwe/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-02 05:55:28
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:55:23.164028 2026] [security2:error] [pid 15105:tid 15105] [client 154.119.85.66:60259] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.119.85.66 (+1 hits since last alert)|whodatnation.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whodatnation.com"] [uri "/xmlrpc.php"] [unique_id "akX9S-1TLCjFAFhUzFQXsAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 10:36:10
(1 week ago)
Attac
Brute-Force
๐ฉ๐ช
rh24
2026-06-29 09:29:11
(1 week ago)
(wordpress) Failed wordpress login from 154.119.85.66 (ZW/Zimbabwe/-): (CF_ENABLE)
Brute-Force
Anonymous
2026-06-29 08:47:30
(1 week ago)
[redacted] 154.119.85.66 - - [29/Jun/2026:10:46:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 154.119.85.66 - - [29/Jun/2026:10:46:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 154.119.85.66 - - [29/Jun/2026:10:46:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 154.119.85.66 - - [29/Jun/2026:10:46:52 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.4; http://site13357995.com"
[redacted] 154.119.85.66 - - [29/Jun/2026:10:47:00 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 154.119.85.66 - - [29/Jun/2026:10:47:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.4; http://site22072239.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 08:17:00
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.119.85.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 04:16:55.874593 2026] [security2:error] [pid 22424:tid 22527] [client 154.119.85.66:55261] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.119.85.66 (+1 hits since last alert)|killasgarage.bike|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "killasgarage.bike"] [uri "/xmlrpc.php"] [unique_id "aj41dyQ-Kt-Gg0OLE16eOwAAAcs"]
show less
Brute-Force
Bad Web Bot
Web App Attack