๐ซ๐ท
matthieul.dev
2026-07-01 20:35:28
(2 weeks ago)
Blocked by os-abuseipdb; 13 hits, proto=tcp,udp, ports=24327
Port Scan
Brute-Force
๐ฉ๐ช
4server
2026-04-11 06:59:46
(3 months ago)
[SatApr1108:59:43.6550962026][security2:error][pid1787859:tid1788013][client103.78.239.33:0]ModSecur ...
show more
[SatApr1108:59:43.6550962026][security2:error][pid1787859:tid1788013][client103.78.239.33:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"148\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"rvengineering.ch\"][uri\"/xmlrpc.php\"][unique_id\"adnxX87fTIuR-xfp9GDeZQAAAQY\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ช๐ธ
10dencehispahard SL
2025-11-26 06:00:40
(7 months ago)
Unauthorized login attempts [ wordpress-xmlrpc]
Brute-Force
Web App Attack
Anonymous
2025-11-17 08:40:05
(8 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ณ๐ฑ
Roderic
2025-11-16 07:29:58
(8 months ago)
(apache_scanners-2) Failed apache-scanners trigger with match [redacted])
Port Scan
๐บ๐ธ
TPI-Abuse
2025-11-15 12:36:44
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 103.78.239.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 103.78.239.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 15 07:36:38.553819 2025] [security2:error] [pid 20413:tid 20413] [client 103.78.239.33:54159] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fredlandia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fredlandia.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRhz1ofpgSPI0H4xgta7kwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2025-11-13 09:42:00
(8 months ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-11 10:19:41
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 103.78.239.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 103.78.239.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 05:19:35.385021 2025] [security2:error] [pid 3210:tid 3210] [client 103.78.239.33:60442] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||evelynkay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "evelynkay.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRMNt3EKcAKscmKzaxCUTQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-10-17 05:05:10
(9 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-10-12 14:16:03
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 103.78.239.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 103.78.239.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 12 10:15:57.623017 2025] [security2:error] [pid 29339:tid 29339] [client 103.78.239.33:60253] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||vanmeer.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vanmeer.info"] [uri "/wp-json/wp/v2/users"] [unique_id "aOu4HSWJtHZqjo88hDeZQQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-01 06:04:56
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 103.78.239.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 103.78.239.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 02:04:50.629070 2025] [security2:error] [pid 23988:tid 23988] [client 103.78.239.33:56513] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pluralmatrix.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pluralmatrix.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aNzEggwQ1qQws2JIGB0J4gAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
Immersive
2025-09-28 19:33:24
(9 months ago)
Wordpress brute-force attack for login credentials \(eg: wp-login.php or xmlrpc.php\)
Hacking
Brute-Force
Web App Attack
๐ณ๐ฑ
exxos
2025-09-02 14:03:01
(10 months ago)
Attacks with Bad user agents
Hacking
๐ณ๐ฑ
exxos
2025-08-28 07:05:18
(10 months ago)
Attacks with Bad user agents
Hacking
Anonymous
2025-08-18 19:44:31
(10 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH