๐บ๐ธ
TPI-Abuse
2026-07-07 17:47:25
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 118.96.195.124 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 118.96.195.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:47:16.009187 2026] [security2:error] [pid 24049:tid 24049] [client 118.96.195.124:63031] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rochesterhistorical.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rochesterhistorical.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ak07pA1mIaK0qqC9Lm6U7gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 16:07:05
(1 day ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 15:26:25
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 118.96.195.124 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 118.96.195.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 11:26:09.979035 2026] [security2:error] [pid 7082:tid 7082] [client 118.96.195.124:57057] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||monogay.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "monogay.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ak0akUUGfdc7ta-M6ubrcQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-06 01:31:34
(3 days ago)
Try to access /xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 01:26:54
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 118.96.195.124 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 118.96.195.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 21:26:40.845296 2026] [security2:error] [pid 25635:tid 25635] [client 118.96.195.124:57628] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cycontechnology.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cycontechnology.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aksEUMUxdUo52W-M4YA4JwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Mundo Bueno
2026-07-06 00:56:30
(3 days ago)
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: ID | UA: Mozilla/5.0 (Windows NT 10. ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: ID | UA: Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/94.0.0.0 Safari/
show less
Hacking
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-05 23:34:33
(3 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
ID/Indonesia/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 09:42:51
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 118.96.195.124 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 118.96.195.124 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 05:42:34.524800 2026] [security2:error] [pid 29699:tid 29699] [client 118.96.195.124:59147] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lawrencehale.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lawrencehale.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akonClrdTIZGTi0kRBHFtgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
sumnone
2021-01-30 07:58:31
(5 years ago)
Port probing on unauthorized port 445
Bad Web Bot
Exploited Host
Web App Attack