๐จ๐ญ
4server
2026-07-09 23:47:06
(1 week ago)
[FriJul1001:47:02.9045502026][security2:error][pid2723433:tid2723671][client119.93.140.223:0]ModSecu ...
show more
[FriJul1001:47:02.9045502026][security2:error][pid2723433:tid2723671][client119.93.140.223:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"studiokellybenessere.ch\"][uri\"/xmlrpc.php\"][unique_id\"alAy9lHSk4bpUa0cQwiqEwAAAVQ\"]
show less
Hacking
Web App Attack
๐บ๐ธ
mnsf
2026-07-06 01:05:12
(1 week ago)
Xmlrpc Caught (6)
Brute-Force
Web App Attack
Anonymous
2026-07-05 22:21:47
(1 week ago)
119.93.140.223 - - [06/Jul/2026:00:21:47 +0200] "POST / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows ...
show more
119.93.140.223 - - [06/Jul/2026:00:21:47 +0200] "POST / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 6.3; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/61.0.0.0 Safari/537.36"
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 12:55:34
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 08:55:30.214843 2026] [security2:error] [pid 24647:tid 24647] [client 119.93.140.223:57365] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pinetreedistrict.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pinetreedistrict.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akpUQkwUQqBYhtbay-ZrngAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 10:22:19
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 06:22:11.813087 2026] [security2:error] [pid 4536:tid 4536] [client 119.93.140.223:59562] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||madisonjazzorchestra.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "madisonjazzorchestra.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akowU8OfO37kUz9BPetBaAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
MM-bot
2026-07-05 06:02:26
(2 weeks ago)
URL-probe: HTTP/1.1 POST request on /xmlrpc.php (2026-07-05 08:02:26 UTC+2)
Web App Attack
Hacking
๐ณ๐ฑ
Site.eu
2026-07-05 04:47:23
(2 weeks ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-05 02:02:06
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 22:01:59.873515 2026] [security2:error] [pid 7366:tid 7366] [client 119.93.140.223:65343] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||churchbehindthewalls.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "churchbehindthewalls.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akm7Fy8oWlLH-MMQR0uYNQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-04 23:49:28
(2 weeks ago)
Try to access /xmlrpc.php
Web App Attack
Anonymous
2026-07-04 23:10:10
(2 weeks ago)
[web.zebs.ch] httpd-xmlrpc-post: sites=www.asiqual.com; logs=/var/log/httpd/domains/asiqual.com.log; ...
show more
[web.zebs.ch] httpd-xmlrpc-post: sites=www.asiqual.com; logs=/var/log/httpd/domains/asiqual.com.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ฉ๐ช
rh24
2026-07-04 19:14:59
(2 weeks ago)
(wordpress) Failed wordpress login from 119.93.140.223 (PH/Philippines/-): (CF_ENABLE)
Brute-Force
๐ฉ๐ช
YF
2026-07-04 15:10:14
(2 weeks ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-04 14:52:24
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 10:52:19.432060 2026] [security2:error] [pid 27005:tid 27005] [client 119.93.140.223:51550] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||psychiatryabuse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "psychiatryabuse.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akkeI4Nm2eDu0k1LhwFN0QAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 13:09:50
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 119.93.140.223 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 09:09:45.168714 2026] [security2:error] [pid 29317:tid 29317] [client 119.93.140.223:51100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||newcastle91.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "newcastle91.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akkGGfIlx_WgwGV7XLlAzAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-04 07:17:08
(2 weeks ago)
Known malicious PHP file or CMS probe
Web App Attack