Anonymous
2026-07-01 04:41:48
(3 days ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ฌ๐ง
AvonleaConsulting
2026-06-24 22:59:28
(1 week ago)
Attempts to probe web pages for vulnerable PHP or other applications
Web App Attack
๐ซ๐ท
tecnicorioja
2026-06-24 22:01:13
(1 week ago)
POST /xmlrpc.php [24/Jun/2026:14:57:23
Web App Attack
Brute-Force
Anonymous
2026-06-24 18:11:00
(1 week ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-24 16:47:02
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
masterguru
2026-06-24 14:40:44
(1 week ago)
(xmlrpc) Apache: Failed xmlrpc access from 20.161.30.192 (US/United States/-): 10 in the last 3600 s ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 20.161.30.192 (US/United States/-): 10 in the last 3600 secs (0-201)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-24 14:24:37
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 20.161.30.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.161.30.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:24:32.957543 2026] [security2:error] [pid 24979:tid 25001] [client 20.161.30.192:15671] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tmsx2.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tmsx2.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvooIgvW-rYXp2RBA_HKgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
ALPHANET
2026-06-24 14:24:03
(1 week ago)
web exploits
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 14:06:48
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 20.161.30.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.161.30.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:06:41.084713 2026] [security2:error] [pid 1682:tid 1682] [client 20.161.30.192:16290] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kalvannastudios.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kalvannastudios.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvkccKjktsBrekN5ah5uwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Ocean Ascents
2026-06-24 14:05:42
(1 week ago)
Probe for vulnerabilities. Path attempted: /wp-json/wp/v2/users
Web App Attack
๐ฌ๐ง
poundawebsiteltd
2026-06-24 14:05:40
(1 week ago)
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 20.161.30.192 - - [24/Jun/2026:15:05:35 +0100] P ...
show more
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 20.161.30.192 - - [24/Jun/2026:15:05:35 +0100] POST /xmlrpc.php HTTP/1.1 503 22320 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
show less
Web App Attack
๐บ๐ธ
Penny Packer
2026-06-24 14:04:52
(1 week ago)
Fail2Ban apache-tripwires
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 13:46:50
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 20.161.30.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.161.30.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 09:46:44.379760 2026] [security2:error] [pid 26302:tid 26302] [client 20.161.30.192:16490] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||powerinpictures.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "powerinpictures.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvfxG8Cf9TBR1F6KQZvHQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-24 13:42:19
(1 week ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 20.161.30.192 (US/United States/-): 1 in the l ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 20.161.30.192 (US/United States/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ง๐ช
cmbplf
2026-06-24 13:35:38
(1 week ago)
11.907 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot