π©πͺ
rh24
2026-06-30 22:36:07
(15 hours ago)
(wordpress) Failed wordpress login from 109.177.118.96 (AE/United Arab Emirates/-): (CF_ENABLE)
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-30 21:56:19
(15 hours ago)
(mod_security) mod_security (id:225170) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:56:16.133965 2026] [security2:error] [pid 28740:tid 28740] [client 109.177.118.96:60788] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jillbauman.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jillbauman.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akQ7gHmAVUA3C6i0JhbRfgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 19:56:29
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 15:56:22.897072 2026] [security2:error] [pid 9960:tid 9960] [client 109.177.118.96:61958] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.177.118.96 (+1 hits since last alert)|geriterry.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "geriterry.com"] [uri "/xmlrpc.php"] [unique_id "akQfZmnfb2hQMSHWBar4SAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-06-30 17:06:10
(20 hours ago)
Excessive 404/403 errors
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-30 13:48:31
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:48:23.339295 2026] [security2:error] [pid 8157:tid 8175] [client 109.177.118.96:62550] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.177.118.96 (+1 hits since last alert)|georgementz.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "georgementz.org"] [uri "/xmlrpc.php"] [unique_id "akPJJ4_SRfwQqbGRwAO-wgAAAUY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 06:37:13
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:37:07.083244 2026] [security2:error] [pid 20213:tid 20213] [client 109.177.118.96:54429] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.177.118.96 (+1 hits since last alert)|keychainfilms.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "keychainfilms.com"] [uri "/xmlrpc.php"] [unique_id "akNkE3Kxlr6nTcMfAZrFNQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TAY
2026-06-29 12:49:36
(2 days ago)
109.177.118.96 - - [29/Jun/2026:20:49:14 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6372 "-" "WordPress. ...
show more
109.177.118.96 - - [29/Jun/2026:20:49:14 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6372 "-" "WordPress.com; https://wordpress.com"
109.177.118.96 - - [29/Jun/2026:20:49:25 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6372 "-" "Jetpack/12.1; WordPress/6.4; http://site71961693.com"
109.177.118.96 - - [29/Jun/2026:20:49:35 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6372 "-" "WordPress.com; https://wordpress.com"
...
show less
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-29 04:43:08
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:43:04.662457 2026] [security2:error] [pid 26597:tid 26597] [client 109.177.118.96:55980] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.177.118.96 (+1 hits since last alert)|meganmurph.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "meganmurph.com"] [uri "/xmlrpc.php"] [unique_id "akH32KFQ13maZdcjMjM9nAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-16 06:59:19
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 109.177.118.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:59:13.520605 2026] [security2:error] [pid 25587:tid 25587] [client 109.177.118.96:50202] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 109.177.118.96 (+1 hits since last alert)|kompareiq.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kompareiq.com"] [uri "/xmlrpc.php"] [unique_id "ajD0QQu6QISa2yDHNSypqwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack