๐ธ๐ช
vaia.cloud
2026-07-02 20:44:01
(10 hours ago)
trying wp-login.php/xmlrpc.php 34 times in 1 minutes
Brute-Force
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-02 17:26:03
(14 hours ago)
Wordfence waf block on jestrellafoundation
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 15:14:11
(16 hours ago)
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil ...
show more
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:14:04.262099 2026] [security2:error] [pid 22130:tid 22130] [client 188.26.211.126:61063] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||forerunnersjazz.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "forerunnersjazz.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akaAPCuxknofoYP6I5HFCgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 21:07:54
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil ...
show more
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:07:50.054529 2026] [security2:error] [pid 32590:tid 32729] [client 188.26.211.126:55006] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||amazinglips.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "amazinglips.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akWBpr2f784jiar6TYueZAAAARc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 12:13:29
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil ...
show more
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 08:13:24.635867 2026] [security2:error] [pid 3424:tid 3424] [client 188.26.211.126:53598] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||maffiniandbearce.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "maffiniandbearce.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akUEZDc7eIeJGhWATvI0zAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 13:18:36
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil ...
show more
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 09:18:31.479865 2026] [security2:error] [pid 29615:tid 29615] [client 188.26.211.126:54201] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rockinr.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rockinr.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aj_Np6kg3f7VQkySfWpyIQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-26 15:45:07
(6 days ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐บ๐ธ
bigwavedave
2026-06-26 13:36:16
(6 days ago)
Wordpress Attack
Web App Attack
๐ณ๐ฟ
Tripwire
2026-06-26 10:56:34
(6 days ago)
Probing for Wordpress - /xmlrpc.php
Brute-Force
Web App Attack
๐ฉ๐ช
nyt
2026-06-26 10:32:27
(6 days ago)
XMLRPC Attack
Brute-Force
Web App Attack
๐ฉ๐ช
iNetWorker
2026-06-13 20:23:42
(2 weeks ago)
trolling for resource vulnerabilities
Web App Attack
๐ฉ๐ช
grassau.com
2026-06-11 05:10:55
(3 weeks ago)
(wordpress) Failed wordpress login from 188.26.211.126 (ES/Spain/Madrid/Madrid/static-188-26-211-126 ...
show more
(wordpress) Failed wordpress login from 188.26.211.126 (ES/Spain/Madrid/Madrid/static-188-26-211-126.digimobil.es)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-11 05:08:48
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil ...
show more
(mod_security) mod_security (id:225170) triggered by 188.26.211.126 (static-188-26-211-126.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 01:08:40.352117 2026] [security2:error] [pid 17432:tid 17432] [client 188.26.211.126:49791] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||blaslandsporthorses.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "blaslandsporthorses.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aipC2GhH1AOnLZymauYGCgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
noise.agency
2026-06-06 18:24:55
(3 weeks ago)
(wordpress) Failed wordpress login from 188.26.211.126 (ES/Spain/static-188-26-211-126.digimobil.es)
Brute-Force
๐ฌ๐ง
noise.agency
2026-06-04 22:50:11
(4 weeks ago)
(wordpress) Failed wordpress login from 188.26.211.126 (ES/Spain/static-188-26-211-126.digimobil.es)
Brute-Force