๐ฉ๐ช
neckaralb-admin.de
2026-07-10 12:12:47
(7 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฆ๐บ
clapper
2026-07-10 11:13:54
(8 hours ago)
(mod_security) mod_security (id:350202) triggered by 179.97.233.188 (BR/Brazil/188-233-97-179-dynami ...
show more
(mod_security) mod_security (id:350202) triggered by 179.97.233.188 (BR/Brazil/188-233-97-179-dynamic-user.mma.com.br): 5 in the last 600 secs; ID: rub
show less
Brute-Force
Bad Web Bot
๐ฉ๐ช
rh24
2026-07-10 10:41:38
(8 hours ago)
(wordpress) Failed wordpress login from 179.97.233.188 (BR/Brazil/188-233-97-179-dynamic-user.mma.co ...
show more
(wordpress) Failed wordpress login from 179.97.233.188 (BR/Brazil/188-233-97-179-dynamic-user.mma.com.br): (CF_ENABLE)
show less
Brute-Force
Anonymous
2026-07-10 07:06:21
(12 hours ago)
Trying to access config files
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 08:48:28
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 179.97.233.188 (188-233-97-179-dynamic-user.mma ...
show more
(mod_security) mod_security (id:240335) triggered by 179.97.233.188 (188-233-97-179-dynamic-user.mma.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 04:48:23.888086 2026] [security2:error] [pid 26037:tid 26037] [client 179.97.233.188:61733] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 179.97.233.188 (+1 hits since last alert)|geriterry.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "geriterry.com"] [uri "/xmlrpc.php"] [unique_id "ak9gVw2Z0L-cW919CTCOpAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 08:17:40
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 179.97.233.188 (188-233-97-179-dynamic-user.mma ...
show more
(mod_security) mod_security (id:240335) triggered by 179.97.233.188 (188-233-97-179-dynamic-user.mma.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 04:17:29.305901 2026] [security2:error] [pid 32445:tid 32445] [client 179.97.233.188:63573] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 179.97.233.188 (+1 hits since last alert)|nypatriotcards.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nypatriotcards.com"] [uri "/xmlrpc.php"] [unique_id "ak9ZGTv-peehqZiW2ApzwgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-09 07:14:42
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
BR/Brazil/188-233-97-179-dynamic-user.mma.com.br
Web App Attack
Anonymous
2026-07-09 03:06:03
(1 day ago)
Trying to access config files
Web App Attack
Anonymous
2026-07-09 01:17:59
(1 day ago)
(wordpress) Failed wordpress login from 179.97.233.188 (BR/Brazil/188-233-97-179-dynamic-user.mma.co ...
show more
(wordpress) Failed wordpress login from 179.97.233.188 (BR/Brazil/188-233-97-179-dynamic-user.mma.com.br)
show less
Brute-Force
๐บ๐ธ
cwytech
2026-07-09 01:16:29
(1 day ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 23:48:20
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 179.97.233.188 (188-233-97-179-dynamic-user.mma ...
show more
(mod_security) mod_security (id:240335) triggered by 179.97.233.188 (188-233-97-179-dynamic-user.mma.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 19:48:16.163022 2026] [security2:error] [pid 6021:tid 6116] [client 179.97.233.188:62331] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 179.97.233.188 (+1 hits since last alert)|arizonasolutionsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "arizonasolutionsgroup.com"] [uri "/xmlrpc.php"] [unique_id "ak7hwAhI-c1x10m94nmk3AAAAgc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-08 16:13:27
(2 days ago)
(wordpress) Failed wordpress login from 179.97.233.188 (BR/Brazil/188-233-97-179-dynamic-user.mma.co ...
show more
(wordpress) Failed wordpress login from 179.97.233.188 (BR/Brazil/188-233-97-179-dynamic-user.mma.com.br): (CF_ENABLE)
show less
Brute-Force
๐ฉ๐ช
neckaralb-admin.de
2026-07-08 15:53:58
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 15:15:17
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 179.97.233.188 (188-233-97-179-dynamic-user.mma ...
show more
(mod_security) mod_security (id:240335) triggered by 179.97.233.188 (188-233-97-179-dynamic-user.mma.com.br): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 11:15:13.895223 2026] [security2:error] [pid 5349:tid 5349] [client 179.97.233.188:64155] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 179.97.233.188 (+1 hits since last alert)|lakependoreillemobility.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lakependoreillemobility.com"] [uri "/xmlrpc.php"] [unique_id "ak5pga0nW56SRmiufEnAGwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 05:02:07
(2 days ago)
Bad Web Bot
Web App Attack