๐ฉ๐ช
LRob
2026-07-17 06:50:24
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: WordPress.com; https:// ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: WordPress.com; https://wordpress.com
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 10:37:38
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 06:37:26.342590 2026] [security2:error] [pid 29303:tid 29303] [client 154.57.193.37:43337] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.57.193.37 (+1 hits since last alert)|tracytappan.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tracytappan.net"] [uri "/xmlrpc.php"] [unique_id "aldi5p1RC1qAMTxKEjmi0AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 05:37:48
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 01:37:39.578819 2026] [security2:error] [pid 8259:tid 8271] [client 154.57.193.37:57002] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.57.193.37 (+1 hits since last alert)|koalacogs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "koalacogs.com"] [uri "/xmlrpc.php"] [unique_id "alcco7lCV-BWURTvi9S_wAAAAQo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-15 05:36:25
(4 days ago)
(wordpress) Failed wordpress login from 154.57.193.37 (PK/Pakistan/-)
Brute-Force
๐ซ๐ท
dynamix
2026-07-14 10:06:48
(5 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-14 08:20:32
(5 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 08:14:16
(5 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 12:41:34
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 08:41:21.612039 2026] [security2:error] [pid 16704:tid 16704] [client 154.57.193.37:20343] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.57.193.37 (+1 hits since last alert)|kritaka.ai|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kritaka.ai"] [uri "/xmlrpc.php"] [unique_id "alI58ThjX_9utQWjReCduQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 12:11:29
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 08:11:17.089668 2026] [security2:error] [pid 19489:tid 19489] [client 154.57.193.37:46261] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.57.193.37 (+1 hits since last alert)|wpcoc.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wpcoc.org"] [uri "/xmlrpc.php"] [unique_id "alIy5TXN5urtJtSqjfKp8QAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 08:58:57
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 154.57.193.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 04:58:46.067458 2026] [security2:error] [pid 32392:tid 32392] [client 154.57.193.37:23225] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 154.57.193.37 (+1 hits since last alert)|epetsure.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "epetsure.co"] [uri "/xmlrpc.php"] [unique_id "ak9ixjYpnZXxWTb8rlpQNQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-06 09:30:18
(1 week ago)
Wordpress Vunerability attack
Web App Attack