π©πͺ
MusicLibrary
2026-07-17 17:37:42
(1 day ago)
Attempted access to non existent wordpress urls
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-17 17:08:25
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 149.102.78.37 (seatelecom.com.br): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 149.102.78.37 (seatelecom.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 13:08:17.954762 2026] [security2:error] [pid 23731:tid 23731] [client 149.102.78.37:60196] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||doctoredwinalvarez.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "doctoredwinalvarez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alphgUobrUV4riwltJJQQgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
4server
2026-07-16 20:20:08
(2 days ago)
[ThuJul1622:20:05.4375552026][security2:error][pid300326:tid300377][client149.102.78.37:0]ModSecurit ...
show more
[ThuJul1622:20:05.4375552026][security2:error][pid300326:tid300377][client149.102.78.37:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"allegraravizza.it\"][uri\"/xmlrpc.php\"][unique_id\"alk89Zwe9s3rrn_1YLH2FAAAAY8\"]
show less
Port Scan
Brute-Force
Web App Attack
π³πΏ
Tripwire
2026-07-15 16:57:02
(3 days ago)
Probing for Wordpress - /xmlrpc.php
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-15 16:13:19
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 149.102.78.37 (seatelecom.com.br): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 149.102.78.37 (seatelecom.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 12:13:11.452791 2026] [security2:error] [pid 21758:tid 21758] [client 149.102.78.37:59996] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fetchamreadingroom.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fetchamreadingroom.org"] [uri "/wp-json/wp/v2/users"] [unique_id "alexl11jZsu34oZMBexl0QAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-15 12:46:51
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 149.102.78.37 (seatelecom.com.br): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 149.102.78.37 (seatelecom.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 08:46:46.934830 2026] [security2:error] [pid 13539:tid 13539] [client 149.102.78.37:60901] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aifactoid.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aifactoid.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aleBNnppQ5JVNrWgzx_78AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-10 13:07:47
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 149.102.78.37 (seatelecom.com.br): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 149.102.78.37 (seatelecom.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 09:07:41.155911 2026] [security2:error] [pid 16799:tid 16799] [client 149.102.78.37:60544] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mobileonlinecasinos.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mobileonlinecasinos.co"] [uri "/wp-json/wp/v2/users"] [unique_id "alDunVgGNTyP2H-EFcf4qQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
bigwavedave
2026-07-10 12:53:58
(1 week ago)
Wordpress Attack
Web App Attack
Anonymous
2026-07-09 20:29:04
(1 week ago)
[redacted] 149.102.78.37 - - [09/Jul/2026:22:28:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "M ...
show more
[redacted] 149.102.78.37 - - [09/Jul/2026:22:28:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/15.0.0.0 Safari/537.36"
[redacted] 149.102.78.37 - - [09/Jul/2026:22:28:49 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.0.0 Safari/537.36"
[redacted] 149.102.78.37 - - [09/Jul/2026:22:28:51 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36"
[redacted] 149.102.78.37 - - [09/Jul/2026:22:28:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/82.0.0.0 Safari/537.36"
[redacted] 149.102.78.37 - - [09/Jul/2026:22:29:04 +0200] "POST /xmlrpc.php HTTP/1.1" 403 239 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (K
...
show less
Hacking
Web App Attack
π¦πΊ
screwlooseit.com.au
2026-07-07 18:55:45
(1 week ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
NO/Norway/seatelecom.com.br
Web App Attack
Anonymous
2026-07-07 15:25:21
(1 week ago)
Fail2Ban WordPress login brute-force detected
Brute-Force
Web App Attack
π³π±
MM-bot
2026-07-06 18:20:56
(1 week ago)
URL-probe: HTTP/1.1 POST request on /xmlrpc.php (2026-07-06 20:20:56 UTC+2)
Web App Attack
Hacking