Anonymous
2026-07-01 10:07:11
(1 day ago)
(wordpress) Failed wordpress login from 1.53.85.198 (VN/Vietnam/-)
Brute-Force
๐ฉ๐ช
stinpriza
2026-06-30 23:03:32
(1 day ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 12:21:39
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 08:21:32.539291 2026] [security2:error] [pid 12714:tid 12714] [client 1.53.85.198:44754] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.vanmeer.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.vanmeer.info"] [uri "/wp-json/wp/v2/users"] [unique_id "akJjTEkr5YmgADlk1XQQUAAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 07:58:08
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:57:51.594616 2026] [security2:error] [pid 22327:tid 22327] [client 1.53.85.198:14644] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lightbender.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lightbender.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akIlf8Uf7iK_t_0MdefIkgAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-29 02:04:53
(3 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
big-cloud.nl
2026-06-29 00:52:03
(3 days ago)
Try to access /xmlrpc.php
Web App Attack
๐ฉ๐ช
stinpriza
2026-06-28 11:04:53
(4 days ago)
Web App Attack
Web App Attack
๐ฉ๐ช
pltcldvlpr
2026-06-28 10:14:52
(4 days ago)
CMS/framework probe: 1.53.85.198 - - [28/Jun/2026:12:14:51 +0200] "POST /xmlrpc.php HTTP/1.1" 404 16 ...
show more
CMS/framework probe: 1.53.85.198 - - [28/Jun/2026:12:14:51 +0200] "POST /xmlrpc.php HTTP/1.1" 404 162 "-" "Mozilla/5.0 (Windows NT 6.2; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/60.0.0.0 Safari/537.36" asn=18403 org="FPT Telecom Company" country=VN
...
show less
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-28 07:43:14
(4 days ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 23:30:36
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 19:30:21.047603 2026] [security2:error] [pid 4614:tid 4614] [client 1.53.85.198:28550] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||circleinthesquare.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "circleinthesquare.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akBdDVSFVKeQfnl3_6o8vgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 22:41:23
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 18:41:09.251448 2026] [security2:error] [pid 8807:tid 8807] [client 1.53.85.198:40719] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||market1st.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "market1st.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj8ABZv7BV3XMnw1Vx-t7QAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
MusicLibrary
2026-06-24 08:02:40
(1 week ago)
Attempted access to non existent wordpress urls
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-24 01:20:14
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 1.53.85.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 21:19:59.914137 2026] [security2:error] [pid 20984:tid 20984] [client 1.53.85.198:44791] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||virtualmediamasters.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "virtualmediamasters.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajswv4UONyQi-GLLZ3DmwQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-22 11:57:37
(1 week ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-06-22 10:38:04
(1 week ago)
Wordfence waf block on lostswordfish
Web App Attack