๐ฉ๐ช
LRob
2026-07-17 13:38:35
(1 day ago)
CrowdSec: lrob/wp-xmlrpc-bf | req: /xmlrpc.php | UA: Jetpack by WordPress.com
Brute-Force
Web App Attack
Anonymous
2026-07-17 13:06:50
(1 day ago)
(wordpress) Failed wordpress login from 182.8.255.164 (ID/Indonesia/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-17 08:44:04
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:43:57.625434 2026] [security2:error] [pid 24584:tid 24584] [client 182.8.255.164:19828] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.8.255.164 (+1 hits since last alert)|caddydad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "caddydad.com"] [uri "/xmlrpc.php"] [unique_id "alnrTZU04K66wkYlz_KywgAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:45:06
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:45:00.270938 2026] [security2:error] [pid 439867:tid 439867] [client 182.8.255.164:14436] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.8.255.164 (+1 hits since last alert)|arsenalfordemocracy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "arsenalfordemocracy.com"] [uri "/xmlrpc.php"] [unique_id "alndfDC9cAkTAJqrB24G_QAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-17 07:38:58
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
ID/Indonesia/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:11:55
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:11:48.406362 2026] [security2:error] [pid 414416:tid 414416] [client 182.8.255.164:19808] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.8.255.164 (+1 hits since last alert)|globaldentalservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "alnVtFs4k1-RpyFO2KhrHgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-16 15:53:59
(2 days ago)
(xmlrpc) Failed xmlrpc access from 182.8.255.164 (ID/Indonesia/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 14:59:34
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:59:31.687966 2026] [security2:error] [pid 28267:tid 28267] [client 182.8.255.164:1810] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.8.255.164 (+1 hits since last alert)|cubbylure.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cubbylure.com"] [uri "/xmlrpc.php"] [unique_id "aljx03erz0n8OBcPz7lrKAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 13:07:13
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:07:06.361053 2026] [security2:error] [pid 2869152:tid 2869152] [client 182.8.255.164:13323] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.8.255.164 (+1 hits since last alert)|hendersonhomes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hendersonhomes.com"] [uri "/xmlrpc.php"] [unique_id "aljXek4LVVLLDIoefUrznQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 12:14:17
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:14:09.602114 2026] [security2:error] [pid 4728:tid 4887] [client 182.8.255.164:15347] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.8.255.164 (+1 hits since last alert)|eliteproductions.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eliteproductions.tv"] [uri "/xmlrpc.php"] [unique_id "aljLEaxUT6DdO9Da7pglPgAAAlg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 12:08:23
(2 days ago)
[redacted] 182.8.255.164 - - [16/Jul/2026:14:07:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ...
show more
[redacted] 182.8.255.164 - - [16/Jul/2026:14:07:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 182.8.255.164 - - [16/Jul/2026:14:07:51 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
[redacted] 182.8.255.164 - - [16/Jul/2026:14:07:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 182.8.255.164 - - [16/Jul/2026:14:08:11 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.2; http://site59188474.com"
[redacted] 182.8.255.164 - - [16/Jul/2026:14:08:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐ฉ๐ช
rh24
2026-07-16 10:34:19
(2 days ago)
(xmlrpc_405) XMLRPC-Bot 405 182.8.255.164 (ID/Indonesia/-)
Hacking
๐ฉ๐ช
LRob
2026-07-16 02:38:15
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.co ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.com
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 00:55:19
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 182.8.255.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:55:14.079624 2026] [security2:error] [pid 12318:tid 12318] [client 182.8.255.164:14061] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.8.255.164 (+1 hits since last alert)|lesdaniels.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lesdaniels.com"] [uri "/xmlrpc.php"] [unique_id "algr8sTTIanSbKDl4aq8KgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-14 00:45:05
(4 days ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot