๐ณ๐ฑ
wlt-blocker
2026-07-02 02:29:13
(7 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
bigwavedave
2026-07-01 15:26:56
(18 hours ago)
Wordpress Attack
Web App Attack
๐ฉ๐ช
LRob
2026-07-01 02:30:18
(1 day ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-01 01:12:07
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
konseptit
2026-06-30 17:29:38
(1 day ago)
(wordpress) Failed wordpress login from 201.253.24.249 (AR/Argentina/host249.201-253-24.telecom.net. ...
show more
(wordpress) Failed wordpress login from 201.253.24.249 (AR/Argentina/host249.201-253-24.telecom.net.ar)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 23:34:12
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 201.253.24.249 (host249.201-253-24.telecom.net. ...
show more
(mod_security) mod_security (id:225170) triggered by 201.253.24.249 (host249.201-253-24.telecom.net.ar): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 19:34:07.530612 2026] [security2:error] [pid 1854:tid 1854] [client 201.253.24.249:15973] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||livingminimal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "livingminimal.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akMA77yQBTJ5fotK7fSIEQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-29 17:29:23
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 15:20:54
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 201.253.24.249 (host249.201-253-24.telecom.net. ...
show more
(mod_security) mod_security (id:225170) triggered by 201.253.24.249 (host249.201-253-24.telecom.net.ar): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 11:20:49.855893 2026] [security2:error] [pid 21134:tid 21134] [client 201.253.24.249:18092] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||benchmarkbcs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "benchmarkbcs.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akKNURS-OuaKf9rQ8j1TygAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 01:27:45
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 201.253.24.249 (host249.201-253-24.telecom.net. ...
show more
(mod_security) mod_security (id:225170) triggered by 201.253.24.249 (host249.201-253-24.telecom.net.ar): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:27:40.607417 2026] [security2:error] [pid 19567:tid 19637] [client 201.253.24.249:36640] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||executiveconsultingpr.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "executiveconsultingpr.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akHKDKf36JGmBvk0nIbN1wAAAEc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
vaia.cloud
2026-06-28 21:16:01
(3 days ago)
trying wp-login.php/xmlrpc.php 106 times in 1 minutes
Brute-Force
Web App Attack
๐จ๐ญ
4server
2026-06-28 19:23:32
(3 days ago)
[SunJun2821:23:26.1386122026][security2:error][pid2859931:tid2859940][client201.253.24.249:0]ModSecu ...
show more
[SunJun2821:23:26.1386122026][security2:error][pid2859931:tid2859940][client201.253.24.249:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"annunci-ticino.ch\"][uri\"/xmlrpc.php\"][unique_id\"akF0rhbpgWuY1A7GLgEAgQAAAAc\"]
show less
Hacking
Web App Attack
๐บ๐ธ
MPL
2026-06-27 18:56:50
(4 days ago)
tcp/443 (4 or more attempts)
Port Scan
๐ฉ๐ช
LRob
2026-06-27 04:00:08
(5 days ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-27 02:38:23
(5 days ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ฆ
Olexiy Backend
2026-06-25 22:17:03
(6 days ago)
201.253.24.249
...
Bad Web Bot
Web App Attack