๐ฉ๐ช
big-cloud.nl
2026-07-02 11:41:07
(4 hours ago)
Try to access /arrangementen/xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:31:34
(8 hours ago)
(mod_security) mod_security (id:225170) triggered by 39.60.234.208 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 39.60.234.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:31:30.132321 2026] [security2:error] [pid 24832:tid 24832] [client 39.60.234.208:56046] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||madisonjazzorchestra.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "madisonjazzorchestra.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akYT0on1p_8wYN0gcqZnxQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-01 02:55:08
(1 day ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-06-30 07:05:05
(2 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ฎ๐ฉ
Burayot
2026-06-30 05:18:37
(2 days ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 39.60.234.208 (PK/Pakistan/-): 1 in ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 39.60.234.208 (PK/Pakistan/-): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 19:41:46
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 39.60.234.208 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 39.60.234.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 15:41:39.322591 2026] [security2:error] [pid 14489:tid 14489] [client 39.60.234.208:52309] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gracebaptisthartsville.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gracebaptisthartsville.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akLKcyy6gyx-El_py7IWNgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-06-29 05:46:05
(3 days ago)
39.60.234.208 - - [29/Jun/2026:1
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 04:34:21
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 39.60.234.208 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 39.60.234.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:34:13.358184 2026] [security2:error] [pid 8783:tid 8783] [client 39.60.234.208:49704] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hodlmoser.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hodlmoser.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akH1xWPYhdlEXMiojOaoWAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 16:12:19
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 39.60.234.208 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 39.60.234.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 12:12:14.092955 2026] [security2:error] [pid 11093:tid 11107] [client 39.60.234.208:54486] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||vancekelly.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vancekelly.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akFH3qDi5hZcr6iqn65uowAAAUo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-28 15:57:22
(4 days ago)
Try to access /xmlrpc.php
Web App Attack
๐ฉ๐ช
Lino Project
2026-06-28 11:07:44
(4 days ago)
39.60.234.208 - - [28/Jun/2026:13:07:41 +0200] "POST /xmlrpc.php HTTP/1.1" 403 5321 "-" "Mozilla/5.0 ...
show more
39.60.234.208 - - [28/Jun/2026:13:07:41 +0200] "POST /xmlrpc.php HTTP/1.1" 403 5321 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/76.0.0.0 Safari/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-28 05:26:26
(4 days ago)
Unauthorized access to webpage admin
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-28 01:34:32
(4 days ago)
(wordpress) Failed wordpress login from 39.60.234.208 (PK/Pakistan/-): (CF_ENABLE)
Brute-Force
๐ง๐ช
taivas.nl
2026-06-27 22:02:10
(4 days ago)
Wordpress_xmlrpc_attack
Bad Web Bot
๐ซ๐ท
Kenshin869
2026-06-27 20:59:04
(4 days ago)
Wordpress unauthorized access attempt
Brute-Force