๐บ๐ธ
lostswordfish.com
2026-07-07 11:38:03
(7 hours ago)
Wordfence waf block on 1105merrystreet
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-06 22:44:39
(19 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-06 10:49:41
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 06:49:38.052069 2026] [security2:error] [pid 29466:tid 29466] [client 2.50.2.186:35141] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.2.186 (+1 hits since last alert)|modmove.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "modmove.com"] [uri "/xmlrpc.php"] [unique_id "akuIQvY-q1JiB8LeqMLCxwAAADA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
ycoskun41
2026-07-06 08:12:34
(1 day ago)
fail2ban: plesk-modsecurity jail on genckocaeli.com
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 06:41:43
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 02:41:37.130082 2026] [security2:error] [pid 20090:tid 20090] [client 2.50.2.186:5398] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.2.186 (+1 hits since last alert)|mchen-arch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mchen-arch.com"] [uri "/xmlrpc.php"] [unique_id "aktOITHprmyax9DINPCsIQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 05:10:31
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:10:28.152138 2026] [security2:error] [pid 24273:tid 24273] [client 2.50.2.186:10698] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.2.186 (+1 hits since last alert)|ubuciko.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ubuciko.com"] [uri "/xmlrpc.php"] [unique_id "aks4xNvxNyxopm0I3CfROgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-04 08:04:43
(3 days ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:47:15
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:47:11.176932 2026] [security2:error] [pid 21767:tid 21767] [client 2.50.2.186:35046] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.2.186 (+1 hits since last alert)|stoneybluff.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stoneybluff.com"] [uri "/xmlrpc.php"] [unique_id "akd3D32i8gE_5XgX-ZsDtAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-03 07:44:51
(4 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-03 05:43:33
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 01:43:28.076067 2026] [security2:error] [pid 26713:tid 26713] [client 2.50.2.186:18510] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 2.50.2.186 (+1 hits since last alert)|jillbauman.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jillbauman.com"] [uri "/xmlrpc.php"] [unique_id "akdMANaOUEqaZHPqokTTUAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
akasolutions.de
2026-07-03 03:58:38
(4 days ago)
(wordpress) Failed wordpress login from 2.50.2.186 (AE/United Arab Emirates/bba-2-50-2-186.alshamil. ...
show more
(wordpress) Failed wordpress login from 2.50.2.186 (AE/United Arab Emirates/bba-2-50-2-186.alshamil.net.ae)
show less
Brute-Force
๐ฉ๐ช
dbmwebdesign
2026-07-02 13:15:52
(5 days ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-02 10:06:02
(5 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 09:46:32
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 2.50.2.186 (bba-2-50-2-186.alshamil.net.ae): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:46:25.095993 2026] [security2:error] [pid 5772:tid 5785] [client 2.50.2.186:60196] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||peterhansenranch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "peterhansenranch.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akYzcToWnXB08GnIoOqPYQAAAEs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Tripwire
2026-07-02 09:44:08
(5 days ago)
Probing for Wordpress - /xmlrpc.php
Brute-Force
Web App Attack