🇩🇪
stinpriza
2026-07-06 17:34:57
(4 hours ago)
Web App Attack
Web App Attack
🇨🇭
4server
2026-07-06 16:58:48
(5 hours ago)
[MonJul0618:58:45.0588442026][security2:error][pid102748:tid102983][client45.239.204.82:0]ModSecurit ...
show more
[MonJul0618:58:45.0588442026][security2:error][pid102748:tid102983][client45.239.204.82:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"distributori-automatici-ticino.ch\"][uri\"/xmlrpc.php\"][unique_id\"akvexT1BS7SB8ECVT8AupQAAAMc\"]
show less
Hacking
Web App Attack
🇫🇮
YF
2026-07-06 16:01:21
(6 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
🇺🇸
TPI-Abuse
2026-07-02 13:45:20
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 09:45:13.363755 2026] [security2:error] [pid 22934:tid 22940] [client 45.239.204.82:49806] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dasperformance.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dasperformance.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akZraazk5WgQS_IX27bTpgAAAIQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-30 14:25:30
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 10:25:23.668012 2026] [security2:error] [pid 31195:tid 31195] [client 45.239.204.82:65164] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gerrytolentino.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gerrytolentino.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akPR0wxOEJtp6ViYINKnDwAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-24 14:48:35
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:48:27.922155 2026] [security2:error] [pid 24305:tid 24305] [client 45.239.204.82:64738] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||airtechconsulting.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "airtechconsulting.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajvuO4WwHTgIzF34fDoeiAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
ambor
2026-06-24 11:40:27
(1 week ago)
Honeypot access: WordPress XML-RPC attack attempt. Path: /xmlrpc.php
Brute-Force
Web App Attack
🇳🇱
wlt-blocker
2026-06-23 16:05:31
(1 week ago)
Unauthorized access to webpage admin
Web App Attack
🇺🇸
WeekendWeb
2026-06-23 15:43:41
(1 week ago)
Wordpress Vunerability attack
Web App Attack
🇺🇸
TPI-Abuse
2026-06-23 15:36:34
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 11:36:27.986313 2026] [security2:error] [pid 9795:tid 9795] [client 45.239.204.82:53666] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hodlmoser.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hodlmoser.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajqn--62UVA911eRJpeyFgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
stinpriza
2026-06-22 13:39:39
(2 weeks ago)
Web App Attack
Web App Attack
🇺🇸
TPI-Abuse
2026-06-18 19:13:31
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.239.204.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 15:13:24.570454 2026] [security2:error] [pid 26923:tid 26923] [client 45.239.204.82:55680] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||astglobaltech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "astglobaltech.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajRDVE-91zaRz0I8rWUhDAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
🇺🇸
lostswordfish.com
2026-06-17 18:24:03
(2 weeks ago)
Wordfence waf block on pameganslaw
Web App Attack
🇳🇱
wlt-blocker
2026-06-17 17:38:27
(2 weeks ago)
Unauthorized access to webpage admin
Web App Attack
🇦🇺
screwlooseit.com.au
2026-06-17 16:21:42
(2 weeks ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
BR/Brazil/-
Web App Attack