๐บ๐ธ
IndigoRidge
2026-07-13 08:51:29
(2 hours ago)
88.164.134.153 - - [13/Jul/2026:04:49:50 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5199 "-" "WordPress. ...
show more
88.164.134.153 - - [13/Jul/2026:04:49:50 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5199 "-" "WordPress.com; https://wordpress.com"
88.164.134.153 - - [13/Jul/2026:04:50:22 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5199 "-" "WordPress.com; https://wordpress.com"
88.164.134.153 - - [13/Jul/2026:04:50:33 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5199 "-" "WordPress.com; https://wordpress.com"
88.164.134.153 - - [13/Jul/2026:04:51:17 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5199 "-" "WordPress.com; https://wordpress.com"
88.164.134.153 - - [13/Jul/2026:04:51:28 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5199 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 08:50:53
(2 hours ago)
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net) ...
show more
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 04:50:48.298159 2026] [security2:error] [pid 10496:tid 10496] [client 88.164.134.153:2360] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 88.164.134.153 (+1 hits since last alert)|apuntesdeinversion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apuntesdeinversion.com"] [uri "/xmlrpc.php"] [unique_id "alSm6HPY2-uekvBOkpJ5LwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-11 22:26:02
(1 day ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
factor1
2026-07-11 18:17:51
(1 day ago)
Fail2ban at churndash Reports Abuse.
Brute-Force
Web App Attack
Anonymous
2026-07-10 22:12:01
(2 days ago)
[ssd1.kdns.gr] httpd-xmlrpc-post: sites=www.filoixenofontos.gr; logs=/var/log/httpd/domains/filoixen ...
show more
[ssd1.kdns.gr] httpd-xmlrpc-post: sites=www.filoixenofontos.gr; logs=/var/log/httpd/domains/filoixenofontos.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ซ๐ท
francoisunix
2026-07-10 20:27:55
(2 days ago)
88.164.134.153 - - [10/Jul/2026:20:27:09 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by ...
show more
88.164.134.153 - - [10/Jul/2026:20:27:09 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
88.164.134.153 - - [10/Jul/2026:20:27:20 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack/13.0; WordPress/6.1; http://site88781463.com"
88.164.134.153 - - [10/Jul/2026:20:27:31 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack/12.0; WordPress/6.2; http://site29178362.com"
88.164.134.153 - - [10/Jul/2026:20:27:42 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com"
88.164.134.153 - - [10/Jul/2026:20:27:53 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack/12.5; WordPress/6.2; http://site93010513.com"
...
show less
Web App Attack
Anonymous
2026-06-29 17:07:34
(1 week ago)
[redacted] 88.164.134.153 - - [29/Jun/2026:19:06:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ...
show more
[redacted] 88.164.134.153 - - [29/Jun/2026:19:06:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 88.164.134.153 - - [29/Jun/2026:19:06:59 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 88.164.134.153 - - [29/Jun/2026:19:07:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.1; http://site92636744.com"
[redacted] 88.164.134.153 - - [29/Jun/2026:19:07:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.4; http://site26269215.com"
[redacted] 88.164.134.153 - - [29/Jun/2026:19:07:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 12:36:22
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net) ...
show more
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 08:36:17.787487 2026] [security2:error] [pid 11346:tid 11346] [client 88.164.134.153:10776] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 88.164.134.153 (+1 hits since last alert)|bigislandhawaiicoffee.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigislandhawaiicoffee.com"] [uri "/xmlrpc.php"] [unique_id "akJmwYyTk2f2UGo54jDV7AAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-29 12:33:53
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-06-29 11:04:40
(1 week ago)
Attac
Brute-Force
๐ซ๐ท
dynamix
2026-06-21 20:42:56
(3 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 13:52:35
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net) ...
show more
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 09:52:28.090398 2026] [security2:error] [pid 18871:tid 18871] [client 88.164.134.153:13511] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 88.164.134.153 (+1 hits since last alert)|calvarycavaliers.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "calvarycavaliers.org"] [uri "/xmlrpc.php"] [unique_id "ajfsnDClzWK5_leZAzy0TwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 10:36:23
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net) ...
show more
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:36:18.760458 2026] [security2:error] [pid 6801:tid 6801] [client 88.164.134.153:2430] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 88.164.134.153 (+1 hits since last alert)|kildarafarms.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kildarafarms.com"] [uri "/xmlrpc.php"] [unique_id "aje-otcgnfF8ijyobOhbDQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 20:40:37
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net) ...
show more
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 16:40:31.752738 2026] [security2:error] [pid 21402:tid 21402] [client 88.164.134.153:8856] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 88.164.134.153 (+1 hits since last alert)|esysapps.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "esysapps.com"] [uri "/xmlrpc.php"] [unique_id "ajG0v-O-EEkH2GbnJrOh8wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 18:25:25
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net) ...
show more
(mod_security) mod_security (id:240335) triggered by 88.164.134.153 (88-164-134-153.subs.proxad.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 14:25:18.314988 2026] [security2:error] [pid 6790:tid 6790] [client 88.164.134.153:9790] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 88.164.134.153 (+1 hits since last alert)|budgetbyron.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "budgetbyron.com"] [uri "/xmlrpc.php"] [unique_id "ajGVDpL24TE8cYCpoGCp5gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack