JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 5.77.133.154

5.77.133.154 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 49%: ?

49%

ISP	Ucom CJSC
Usage Type	Fixed Line ISP
ASN	AS44395
Hostname(s)	host-154.133.77.5.ucom.am
Domain Name	ucom.am
Country	🇦🇲 Armenia
City	Yerevan, Yerevan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 5.77.133.154

Whois 5.77.133.154

IP Abuse Reports for 5.77.133.154:

This IP address has been reported a total of 14 times from 9 distinct sources. 5.77.133.154 was first reported on June 8th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-24 15:00:41 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 5.77.133.154 (host-154.133.77.5.ucom.am): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 5.77.133.154 (host-154.133.77.5.ucom.am): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 11:00:34.120900 2026] [security2:error] [pid 31278:tid 31278] [client 5.77.133.154:47709] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 5.77.133.154 (+1 hits since last alert)\|crep-psych.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "crep-psych.org"] [uri "/xmlrpc.php"] [unique_id "ajvxEpzXOqtSNyO8xEuyfwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-22 16:43:10 (4 days ago)	Attac	Brute-Force
🇦🇺 screwlooseit.com.au	2026-06-22 16:42:11 (4 days ago)	Blocked by CSF 13 firewall - Rule: XMLRPC AM/Armenia/host-154.133.77.5.ucom.am	Web App Attack
🇺🇸 Jason Howell	2026-06-19 19:56:50 (1 week ago)	5.77.133.154 - - [19/Jun/2026:14:48:23 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4968 "-" "Jetpack by W ... show more 5.77.133.154 - - [19/Jun/2026:14:48:23 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4968 "-" "Jetpack by WordPress.com" 5.77.133.154 - - [19/Jun/2026:14:50:30 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4968 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" 5.77.133.154 - - [19/Jun/2026:14:52:36 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4967 "-" "Jetpack/13.0; WordPress/6.1; http://site13322895.com" 5.77.133.154 - - [19/Jun/2026:14:54:43 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4966 "-" "WordPress.com; https://wordpress.com" 5.77.133.154 - - [19/Jun/2026:14:56:50 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4968 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)" ... show less	Web App Attack
Anonymous	2026-06-19 19:48:17 (1 week ago)	5.77.133.154 - - [20/Jun/2026:03:48:15 +0800] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by Wo ... show more 5.77.133.154 - - [20/Jun/2026:03:48:15 +0800] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" ... show less	Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-19 06:23:32 (1 week ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/wordpress-xmlrpc-bf-high.	Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-18 19:20:54 (1 week ago)	(wordpress) Failed wordpress login from 5.77.133.154 (AM/Armenia/host-154.133.77.5.ucom.am)	Brute-Force
🇺🇸 integrantservices.com	2026-06-13 20:00:29 (1 week ago)	(wordpress) Failed wordpress login from 5.77.133.154 (AM/Armenia/host-154.133.77.5.ucom.am)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 18:34:22 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 5.77.133.154 (host-154.133.77.5.ucom.am): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 5.77.133.154 (host-154.133.77.5.ucom.am): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 14:34:15.895571 2026] [security2:error] [pid 27300:tid 27300] [client 5.77.133.154:31280] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 5.77.133.154 (+1 hits since last alert)\|vanmeer.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vanmeer.info"] [uri "/xmlrpc.php"] [unique_id "ai2ip32SfocuNdskYL9I5QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 vaia.cloud	2026-06-13 18:04:10 (1 week ago)	trying wp-login.php/xmlrpc.php 30 times in 1 minutes	Brute-Force Web App Attack
Anonymous	2026-06-13 17:59:51 (1 week ago)	[redacted] 5.77.133.154 - - [13/Jun/2026:19:59:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Je ... show more [redacted] 5.77.133.154 - - [13/Jun/2026:19:59:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 5.77.133.154 - - [13/Jun/2026:19:59:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 5.77.133.154 - - [13/Jun/2026:19:59:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.1; http://site58869507.com" [redacted] 5.77.133.154 - - [13/Jun/2026:19:59:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" [redacted] 5.77.133.154 - - [13/Jun/2026:19:59:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 17:34:28 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 5.77.133.154 (host-154.133.77.5.ucom.am): 1 in ... show more (mod_security) mod_security (id:240335) triggered by 5.77.133.154 (host-154.133.77.5.ucom.am): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 13:34:21.161592 2026] [security2:error] [pid 11202:tid 11202] [client 5.77.133.154:49657] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 5.77.133.154 (+1 hits since last alert)\|prcomputersolutions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "prcomputersolutions.com"] [uri "/xmlrpc.php"] [unique_id "ai2UnZHktM6o5RG1UrrfqQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 integrantservices.com	2026-06-12 06:02:13 (2 weeks ago)	(wordpress) Failed wordpress login from 5.77.133.154 (AM/Armenia/host-154.133.77.5.ucom.am)	Brute-Force
🇺🇸 integrantservices.com	2026-06-08 14:39:10 (2 weeks ago)	(wordpress) Failed wordpress login from 5.77.133.154 (AM/Armenia/host-154.133.77.5.ucom.am)	Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 202.163.107.241

🇧🇷 177.30.64.65

🇺🇸 98.93.211.163

🇧🇷 15.229.25.59

🇧🇬 193.24.211.107

🇮🇹 185.15.171.137

🇺🇸 158.94.187.182

🇧🇩 103.179.198.19

🇳🇱 46.8.68.144

🇺🇸 45.130.83.174

🇺🇸 172.253.1.28

🇻🇳 117.2.123.19

🇺🇸 107.172.78.18

🇩🇪 85.215.252.72

🇺🇸 74.114.28.222

🇮🇹 72.146.44.117

🇺🇸 66.132.195.62

🇸🇪 20.240.51.74

🇺🇸 20.83.165.140

🇷🇴 151.242.30.40