Anonymous
2026-07-15 06:40:04
(3 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-14 22:50:51
(4 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 11:32:30
(1 week ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 10:33:56
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 195.158.24.137 (mail.aids-center.uz): 1 in the ...
show more
(mod_security) mod_security (id:240335) triggered by 195.158.24.137 (mail.aids-center.uz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 06:33:50.864153 2026] [security2:error] [pid 17143:tid 17143] [client 195.158.24.137:53607] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 195.158.24.137 (+1 hits since last alert)|konahawaii.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "konahawaii.com"] [uri "/xmlrpc.php"] [unique_id "alDKjla_n3_uV5n6QYr3tAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-10 07:20:50
(1 week ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-09 14:48:46
(1 week ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 14:20:19
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 195.158.24.137 (mail.aids-center.uz): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 195.158.24.137 (mail.aids-center.uz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 10:20:11.729454 2026] [security2:error] [pid 1452:tid 1452] [client 195.158.24.137:65327] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||godcanuseyou.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "godcanuseyou.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ak-uGw5tVJB9TSEoe3m27gAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Kenshin869
2026-07-09 08:09:45
(1 week ago)
Wordpress unauthorized access attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-08 06:47:55
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 195.158.24.137 (mail.aids-center.uz): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 195.158.24.137 (mail.aids-center.uz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 02:47:48.220583 2026] [security2:error] [pid 19413:tid 19413] [client 195.158.24.137:60926] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||guarinofurnituredesigns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "guarinofurnituredesigns.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ak3ylGz7z6QYYRDn4PilKgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 07:58:01
(2 weeks ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-06-30 06:04:10
(2 weeks ago)
Attac
Brute-Force
๐ณ๐ฑ
Site.eu
2026-06-26 09:54:20
(3 weeks ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-06-24 22:55:03
(3 weeks ago)
195.158.24.137 - - [25/Jun/2026:00:54:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by ...
show more
195.158.24.137 - - [25/Jun/2026:00:54:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com"
195.158.24.137 - - [25/Jun/2026:00:54:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
195.158.24.137 - - [25/Jun/2026:00:54:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
195.158.24.137 - - [25/Jun/2026:00:54:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com"
195.158.24.137 - - [25/Jun/2026:00:55:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.0; WordPress/6.3; http://site10730782.com"
...
show less
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-24 16:17:41
(3 weeks ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
integrantservices.com
2026-06-24 15:46:05
(3 weeks ago)
(wordpress) Failed wordpress login from 195.158.24.137 (UZ/Uzbekistan/mail.aids-center.uz)
Brute-Force