π«π·
LRob
2026-07-09 19:39:53
(8 minutes ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPr ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)","Jetpack/12.0; WordPress/6.4; http://site62803438.com","Jetpack by WordPress.com","WordPress
show less
Brute-Force
Web App Attack
πΊπΈ
IndigoRidge
2026-07-09 19:10:00
(38 minutes ago)
197.221.254.55 - - [09/Jul/2026:15:09:17 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5270 "-" "Jetpack by ...
show more
197.221.254.55 - - [09/Jul/2026:15:09:17 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5270 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)"
197.221.254.55 - - [09/Jul/2026:15:09:28 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5270 "-" "Jetpack/12.5; WordPress/6.2; http://site73163930.com"
197.221.254.55 - - [09/Jul/2026:15:09:38 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5270 "-" "Jetpack by WordPress.com"
197.221.254.55 - - [09/Jul/2026:15:09:49 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5270 "-" "Jetpack by WordPress.com"
197.221.254.55 - - [09/Jul/2026:15:09:59 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5270 "-" "Jetpack by WordPress.com"
...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 07:41:57
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the l ...
show more
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 03:41:52.928062 2026] [security2:error] [pid 27343:tid 27461] [client 197.221.254.55:61659] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.221.254.55 (+1 hits since last alert)|pilargarciamanzanares.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pilargarciamanzanares.com"] [uri "/xmlrpc.php"] [unique_id "ak9QwOATwZQksAtg9SZN4QAAAoA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 05:45:55
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the l ...
show more
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:45:50.702111 2026] [security2:error] [pid 10412:tid 10412] [client 197.221.254.55:56420] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.221.254.55 (+1 hits since last alert)|caymancline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "caymancline.com"] [uri "/xmlrpc.php"] [unique_id "ak81jgXAffg44jdbQZsseAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 04:14:11
(15 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the l ...
show more
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:14:05.743493 2026] [security2:error] [pid 7886:tid 7886] [client 197.221.254.55:55474] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.221.254.55 (+1 hits since last alert)|method1.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "method1.net"] [uri "/xmlrpc.php"] [unique_id "ak8gDTb9KcgOaJK2XTwWNgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 21:36:34
(22 hours ago)
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the l ...
show more
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 17:36:31.305721 2026] [security2:error] [pid 11182:tid 11182] [client 197.221.254.55:20130] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.221.254.55 (+1 hits since last alert)|evelynkay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "evelynkay.com"] [uri "/xmlrpc.php"] [unique_id "ak7C3zGxPFL5sCsxngtI_gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-07-08 21:31:16
(22 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-07-08 19:58:35
(23 hours ago)
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 19:26:25
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 17:16:04
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the l ...
show more
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 13:15:59.894456 2026] [security2:error] [pid 21098:tid 21098] [client 197.221.254.55:53600] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.221.254.55 (+1 hits since last alert)|jessicalevant.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jessicalevant.com"] [uri "/xmlrpc.php"] [unique_id "ak6Fz1wiGBNelIsBwiqgTAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 15:09:25
(1 day ago)
WordPress Brute Force
Brute-Force
π«π·
Lunix
2026-07-08 03:14:22
(1 day ago)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 21:26:47
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the l ...
show more
(mod_security) mod_security (id:240335) triggered by 197.221.254.55 (16.55.telone.co.zw): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 17:26:41.128922 2026] [security2:error] [pid 7721:tid 7721] [client 197.221.254.55:5239] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.221.254.55 (+1 hits since last alert)|travelwithjenniferb.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "travelwithjenniferb.com"] [uri "/xmlrpc.php"] [unique_id "ak1vEXygVp9nWTgH7L6n4QAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
masterguru
2026-07-07 16:19:33
(2 days ago)
(xmlrpc) Failed xmlrpc access from 197.221.254.55 (ZW/Zimbabwe/16.55.telone.co.zw): 5 in the last 36 ...
show more
(xmlrpc) Failed xmlrpc access from 197.221.254.55 (ZW/Zimbabwe/16.55.telone.co.zw): 5 in the last 3600 secs (0-122)
show less
Hacking
π«π·
masterguru
2026-07-07 14:14:47
(2 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking