πΊπΈ
TPI-Abuse
2026-06-24 15:19:55
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 39.56.125.224 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 39.56.125.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 11:19:49.237621 2026] [security2:error] [pid 26037:tid 26037] [client 39.56.125.224:63936] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aroilcontrolsystem.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aroilcontrolsystem.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajv1lUG0-OUKcwyOUcWswgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-24 14:53:40
(3 weeks ago)
[osotir.org] httpd-xmlrpc-post: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.log; sa ...
show more
[osotir.org] httpd-xmlrpc-post: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
π©πͺ
LRob
2026-06-24 14:45:03
(3 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 11:13:09
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 39.56.125.224 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 39.56.125.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 07:13:05.932174 2026] [security2:error] [pid 17915:tid 17915] [client 39.56.125.224:57868] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lightningbug.farm|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lightningbug.farm"] [uri "/wp-json/wp/v2/users"] [unique_id "aju7waES0MOPUQ1ooHjj7gAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-24 10:03:10
(3 weeks ago)
Attac
Brute-Force
Anonymous
2026-06-23 14:43:10
(3 weeks ago)
(wordpress) Failed wordpress login from 39.56.125.224 (PK/Pakistan/-)
Brute-Force
π©πͺ
big-cloud.nl
2026-06-23 14:40:55
(3 weeks ago)
Try to access /xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 10:27:03
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 39.56.125.224 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 39.56.125.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 06:26:56.260341 2026] [security2:error] [pid 3433:tid 3433] [client 39.56.125.224:50302] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||oshadega.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oshadega.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajkN8Orf5mdZPeFRjK45xQAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
conseilgouz
2026-06-21 11:03:34
(3 weeks ago)
hae-7 : Trying access unauthorized files/dir=>/xmlrpc.php
Hacking
π³π±
wlt-blocker
2026-06-19 15:27:51
(3 weeks ago)
Unauthorized access to webpage admin
Web App Attack
πΊπΈ
integrantservices.com
2026-06-19 08:44:27
(3 weeks ago)
(PERMBLOCK) 39.56.125.224 (PK/Pakistan/-) has had more than 4 temp blocks
Hacking
πΊπΈ
integrantservices.com
2026-06-18 14:48:22
(3 weeks ago)
(wordpress) Failed wordpress login from 39.56.125.224 (PK/Pakistan/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-17 14:44:46
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 39.56.125.224 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 39.56.125.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 10:44:39.760727 2026] [security2:error] [pid 20176:tid 20206] [client 39.56.125.224:63790] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lamcohomecare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lamcohomecare.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajKy1xX7kt-Eo1CMVBv6lwAAAFI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π―π΅
beon
2026-06-17 11:48:40
(4 weeks ago)
[DateTime=>2026-06-17T11:48:40Z (UTC)] , [HoneyPot_Hit=>once] , [HoneyPot=>/xmlrpc.php] , [total_Hit ...
show more
[DateTime=>2026-06-17T11:48:40Z (UTC)] , [HoneyPot_Hit=>once] , [HoneyPot=>/xmlrpc.php] , [total_Hit=>once] , [Keyword=>WordPress]
show less
Bad Web Bot
Web App Attack
π³π±
wlt-blocker
2026-06-17 10:42:14
(4 weeks ago)
Unauthorized access to webpage admin
Web App Attack