๐ฑ๐ป
garmtech.com
2026-07-14 15:06:44
(5 hours ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 14:50:06
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 175.107.227.219 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 175.107.227.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 10:49:52.606910 2026] [security2:error] [pid 2857:tid 2857] [client 175.107.227.219:10660] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||studioyau.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "studioyau.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alJYENf2zAfLl9A9F_-dFgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 15:46:36
(4 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ฉ๐ช
4server
2026-07-10 14:42:52
(4 days ago)
[FriJul1016:42:41.2360472026][security2:error][pid1418086:tid1418213][client175.107.227.219:0]ModSec ...
show more
[FriJul1016:42:41.2360472026][security2:error][pid1418086:tid1418213][client175.107.227.219:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"rebirthing-lugano.ch\"][uri\"/xmlrpc.php\"][unique_id\"alEE4fSG_zpXkBqYa5eGoQAAARA\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-06 19:05:00
(1 week ago)
Unauthorized access to webpage admin
Web App Attack
๐ซ๐ท
dynamix
2026-07-06 07:46:57
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-06-26 14:00:51
(2 weeks ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-24 17:52:51
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 175.107.227.219 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 175.107.227.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 13:52:39.838639 2026] [security2:error] [pid 24462:tid 24462] [client 175.107.227.219:11734] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||difusionens.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "difusionens.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajwZZ8f3d5yS1_LhZnaonwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Dave Hansen
2026-06-20 21:42:50
(3 weeks ago)
(wordpress) Failed wordpress login from 175.107.227.219 (PK/Pakistan/-)
Brute-Force
๐บ๐ธ
lnklnx
2026-06-19 21:16:24
(3 weeks ago)
www.lnklnx.com:443 175.107.227.219 - - [19/Jun/2026:16:16:22 -0500] "POST /xmlrpc.php HTTP/1.1" 403 ...
show more
www.lnklnx.com:443 175.107.227.219 - - [19/Jun/2026:16:16:22 -0500] "POST /xmlrpc.php HTTP/1.1" 403 3872 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/73.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฉ๐ช
LRob
2026-06-18 18:45:03
(3 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-17 18:56:49
(3 weeks ago)
[WedJun1720:56:45.6459382026][security2:error][pid2329672:tid2330042][client175.107.227.219:0]ModSec ...
show more
[WedJun1720:56:45.6459382026][security2:error][pid2329672:tid2330042][client175.107.227.219:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"ristrutturazione-case.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajLt7QiMzIvWRZqUL2bHmgAAARM\"]
show less
Hacking
Web App Attack
๐ฎ๐น
VHosting
2026-06-17 18:45:03
(3 weeks ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 18:13:41
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 175.107.227.219 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 175.107.227.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 14:13:31.434040 2026] [security2:error] [pid 21938:tid 21980] [client 175.107.227.219:11003] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||quantumgaze.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "quantumgaze.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajLjy_rKOKaVzoExNPWgTQAAAYg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
digital-plus-experience.com
2026-06-08 10:43:51
(1 month ago)
Probe for vulnerabilities. Path attempted: /xmlrpc.php
Web App Attack