๐ณ๐ฑ
wlt-blocker
2026-06-29 17:33:25
(5 hours ago)
Unauthorized access to webpage admin
Web App Attack
Anonymous
2026-06-28 11:26:04
(1 day ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-06-28 09:49:18
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐จ๐ญ
4server
2026-06-28 08:54:12
(1 day ago)
[SunJun2810:54:07.3133612026][security2:error][pid844858:tid845106][client176.36.173.122:0]ModSecuri ...
show more
[SunJun2810:54:07.3133612026][security2:error][pid844858:tid845106][client176.36.173.122:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"manishimwe.ch\"][uri\"/xmlrpc.php\"][unique_id\"akDhL8-C42USO3gsBR9O9AAAANU\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 04:17:41
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net ...
show more
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:17:36.148543 2026] [security2:error] [pid 3417:tid 3417] [client 176.36.173.122:56362] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||genevainvestors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "genevainvestors.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akCgYI8_rrd_kBzLK6CVVQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-06-28 00:13:28
(1 day ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 20:46:04
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net ...
show more
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:45:57.798876 2026] [security2:error] [pid 26769:tid 26769] [client 176.36.173.122:61180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||arsenalfordemocracy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arsenalfordemocracy.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akA2hUbE8xrGnbuYxRq2igAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-27 13:19:22
(2 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-26 23:23:35
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net ...
show more
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:23:30.778698 2026] [security2:error] [pid 5783:tid 5783] [client 176.36.173.122:57515] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||angelaknightmusic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "angelaknightmusic.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj8J8hVBUurjWfLvqoHXLgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 14:48:53
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net ...
show more
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 10:48:46.933164 2026] [security2:error] [pid 26290:tid 26290] [client 176.36.173.122:58898] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ospectra.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ospectra.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj6RTtdWIGKMpCrBIFGDbwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-26 01:05:13
(3 days ago)
Malicious activity
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-06-25 20:41:56
(4 days ago)
[ThuJun2522:41:50.2387962026][security2:error][pid1542824:tid1542907][client176.36.173.122:0]ModSecu ...
show more
[ThuJun2522:41:50.2387962026][security2:error][pid1542824:tid1542907][client176.36.173.122:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"rs-gaming.net\"][uri\"/xmlrpc.php\"][unique_id\"aj2SjjUIOwXEraiQbgx6xwAAAAg\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ช๐ธ
masterguru
2026-06-25 18:53:07
(4 days ago)
(xmlrpc) Failed xmlrpc access from 176.36.173.122 (UA/Ukraine/host-176-36-173-122.b024.la.net.ua): 5 ...
show more
(xmlrpc) Failed xmlrpc access from 176.36.173.122 (UA/Ukraine/host-176-36-173-122.b024.la.net.ua): 5 in the last 3600 secs (0-122)
show less
Hacking
๐ณ๐ฑ
wlt-blocker
2026-06-25 18:13:00
(4 days ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 21:14:14
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net ...
show more
(mod_security) mod_security (id:225170) triggered by 176.36.173.122 (host-176-36-173-122.b024.la.net.ua): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 17:14:10.544871 2026] [security2:error] [pid 12373:tid 12373] [client 176.36.173.122:64305] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||salernospizza.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "salernospizza.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajr3It-wQ9DcAJhmh5RnbgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack