๐ฉ๐ช
rh24
2026-06-19 06:41:24
(1 week ago)
(wordpress) Failed wordpress login from 38.254.177.211 (IN/India/-): (CF_ENABLE)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-17 10:07:14
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 06:07:08.267671 2026] [security2:error] [pid 1764:tid 1764] [client 38.254.177.211:52381] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||caddydad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "caddydad.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajJxzLufHvcL-aMS-qqkzgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 13:48:54
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 09:48:48.723552 2026] [security2:error] [pid 10240:tid 10240] [client 38.254.177.211:55485] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.254.177.211 (+1 hits since last alert)|mjkhan.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mjkhan.com"] [uri "/xmlrpc.php"] [unique_id "ajFUQEonRBlcLYGzOR3JZQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-16 09:41:09
(2 weeks ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ซ๐ท
dynamix
2026-06-16 08:08:30
(2 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 07:02:52
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 03:02:47.321108 2026] [security2:error] [pid 18712:tid 18712] [client 38.254.177.211:61868] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.254.177.211 (+1 hits since last alert)|vrevgaming.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vrevgaming.net"] [uri "/xmlrpc.php"] [unique_id "ai-jl02h_U0QWhc927sqLAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-06-14 16:29:20
(2 weeks ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 10:41:51
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 06:41:46.711130 2026] [security2:error] [pid 31818:tid 31939] [client 38.254.177.211:58679] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.254.177.211 (+1 hits since last alert)|greencitymethods.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greencitymethods.com"] [uri "/xmlrpc.php"] [unique_id "ai6Fav63aWnFH4Ilp_Uf6gAAAMs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-13 11:44:44
(2 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ท
masterguru
2026-06-13 09:41:59
(2 weeks ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
Anonymous
2026-06-13 08:40:05
(2 weeks ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 15:31:44
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 11:31:39.077135 2026] [security2:error] [pid 8998:tid 9043] [client 38.254.177.211:53995] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.254.177.211 (+1 hits since last alert)|munatseng.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "munatseng.org"] [uri "/xmlrpc.php"] [unique_id "aiwmW_P5pZ82xFtw4tobZgAAAEs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 14:02:46
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 38.254.177.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:02:39.333225 2026] [security2:error] [pid 21949:tid 21949] [client 38.254.177.211:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.254.177.211 (+1 hits since last alert)|local639.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "local639.com"] [uri "/xmlrpc.php"] [unique_id "aiwRfydPm4Vopqkqq1dnzwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-12 14:01:06
(2 weeks ago)
[redacted] 38.254.177.211 - - [12/Jun/2026:16:00:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" " ...
show more
[redacted] 38.254.177.211 - - [12/Jun/2026:16:00:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com"
[redacted] 38.254.177.211 - - [12/Jun/2026:16:00:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/12.5; WordPress/6.2; http://site91636473.com"
[redacted] 38.254.177.211 - - [12/Jun/2026:16:00:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com"
[redacted] 38.254.177.211 - - [12/Jun/2026:16:00:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/13.0; WordPress/6.2; http://site61501264.com"
[redacted] 38.254.177.211 - - [12/Jun/2026:16:00:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "WordPress.com; https://wordpress.com"
[redacted] 38.254.177.211 - - [12/Jun/2026:16:00:44 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack/12.0; WordPress/6.2; http://site83539245.com"
[redacted] 38.254.177.211 - - [12/Jun/2026:16:00:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418 "-" "Jetpack by WordPress.com"
[redacted]
...
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-06-12 10:21:30
(2 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack