Anonymous
2026-07-17 14:06:25
(18 hours ago)
Web App Attack
Brute-Force
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-16 20:23:38
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
US/United States/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 01:41:01
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 21:40:54.532921 2026] [security2:error] [pid 32270:tid 32270] [client 157.22.72.154:61037] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||varalla.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "varalla.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alWTpsk5QTSUeBN8KfFehAAAABI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 14:59:05
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 10:58:58.341728 2026] [security2:error] [pid 32103:tid 32103] [client 157.22.72.154:55833] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||endemic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "endemic.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alT9MoYh4S3IQxV9L-JDIAAAAAY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 15:48:15
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 11:48:09.918918 2026] [security2:error] [pid 8695:tid 8721] [client 157.22.72.154:29567] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||danandlila.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "danandlila.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alJlueFPId4fCRqTn-zqVwAAANg"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-09 13:30:14
(1 month ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-05-26 15:37:20
(1 month ago)
Known malicious PHP file or CMS probe
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-14 15:34:00
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 11:33:55.202021 2026] [security2:error] [pid 2231824:tid 2231824] [client 157.22.72.154:53383] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||johngutierrez.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "johngutierrez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ad5eYwHq-OFKcGCYVT_0wQAAABU"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-28 23:23:23
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.72.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 28 19:23:18.202714 2026] [security2:error] [pid 18990:tid 18994] [client 157.22.72.154:18267] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ceol.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ceol.com"] [uri "/wp-json/wp/v2/users"] [unique_id "achi5hsi_c1nPvNouAtdMAAAAMI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
kjaerulff
2026-03-28 17:49:07
(3 months ago)
Failed Wordpress login using wp-login.php
Web App Attack
๐บ๐ธ
octageeks.com
2026-03-22 04:06:35
(3 months ago)
Wordpress malicious attack:[octaxmlrpc]
Web App Attack
๐ฉ๐ช
LRob
2026-03-19 23:15:10
(3 months ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-03-18 23:58:04
(3 months ago)
Try to access /xmlrpc.php
Web App Attack
๐บ๐ธ
myagent.site
2026-03-18 16:56:52
(3 months ago)
Blocking for trying to access an exploit file: /xmlrpc.php
Hacking
๐ฉ๐ช
LRob
2026-03-18 07:45:21
(4 months ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack