πΊπΈ
lostswordfish.com
2026-06-11 17:34:03
(1 month ago)
Wordfence waf block on taussigtravel
Web App Attack
π«π·
dynamix
2026-06-11 16:35:43
(1 month ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π«π·
Kenshin869
2026-04-30 09:17:26
(2 months ago)
Wordpress unauthorized access attempt
Brute-Force
π©πͺ
dbmwebdesign
2026-04-25 06:40:12
(2 months ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
Anonymous
2026-04-25 01:06:10
(2 months ago)
Blocked: Reason='Vulnerability probing β PHP scan detected (22/60 min)'; Requests=22
Port Scan
πΊπΈ
TPI-Abuse
2026-04-21 13:33:40
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 21 09:33:30.484093 2026] [security2:error] [pid 1845450:tid 1845450] [client 5.100.92.154:11918] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.100.92.154 (+1 hits since last alert)|abundancecompany.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "abundancecompany.com"] [uri "/xmlrpc.php"] [unique_id "aed8qnSdz83AeUgec98LaAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-20 10:26:14
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): ...
show more
(mod_security) mod_security (id:240335) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 06:26:05.308055 2026] [security2:error] [pid 3567652:tid 3567652] [client 5.100.92.154:15298] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.100.92.154 (+1 hits since last alert)|cajunpicasso.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cajunpicasso.com"] [uri "/xmlrpc.php"] [unique_id "aeX_PVGkaJwATi142wlDRQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-18 12:52:49
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 08:52:45.216909 2026] [security2:error] [pid 3864227:tid 3864227] [client 5.100.92.154:11547] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||txcoverage.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "txcoverage.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeN-nSIynnILLgo8vs1Z4wAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-12 05:45:25
(3 months ago)
5.100.92.154 - - [12/Apr/2026:07:45:05 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack/12.0; ...
show more
5.100.92.154 - - [12/Apr/2026:07:45:05 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack/12.0; WordPress/6.1; http://site47732768.com"
5.100.92.154 - - [12/Apr/2026:07:45:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.0; WordPress/6.1; http://site47732768.com"
5.100.92.154 - - [12/Apr/2026:07:45:14 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)"
5.100.92.154 - - [12/Apr/2026:07:45:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)"
5.100.92.154 - - [12/Apr/2026:07:45:25 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Jetpack/13.0; WordPress/6.4; http://site30807730.com"
...
show less
Brute-Force
Web App Attack
πΊπΈ
WeekendWeb
2026-04-12 01:34:07
(3 months ago)
Wordpress Vunerability attack
Web App Attack
π©πͺ
grassau.com
2026-04-11 23:37:27
(3 months ago)
(wordpress) Failed wordpress login from 5.100.92.154 (RU/Russia/Primorye/Vladivostok/5-100-92-154.ip ...
show more
(wordpress) Failed wordpress login from 5.100.92.154 (RU/Russia/Primorye/Vladivostok/5-100-92-154.ipoe.vladlink.net)
show less
Brute-Force
πΊπΈ
TPI-Abuse
2026-04-11 13:54:54
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 09:54:47.747583 2026] [security2:error] [pid 1959659:tid 1959659] [client 5.100.92.154:12712] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gilgoinn.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gilgoinn.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adpSp4nyy0F283b-Fx_FrAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-05 18:33:50
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 5.100.92.154 (5-100-92-154.ipoe.vladlink.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 14:33:43.525819 2026] [security2:error] [pid 1390:tid 1390] [client 5.100.92.154:6208] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bronislawsuchanek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bronislawsuchanek.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adKrB_lvLtwB3134kI4pPAAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
big-cloud.nl
2026-04-05 08:21:33
(3 months ago)
Try to access /xmlrpc.php
Web App Attack
πΊπΈ
kosada.com
2026-04-04 11:04:08
(3 months ago)
Web vulnerability probing: /xmlrpc.php
Web App Attack