๐ฒ๐ฝ
octageeks.com
2026-06-22 04:19:33
(3 weeks ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 02:15:16
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 22:15:11.181984 2026] [security2:error] [pid 1600:tid 1600] [client 66.179.191.163:36624] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.paguilar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.paguilar.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajiar8EMrIui2RCzkbIM1wAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-22 01:45:04
(3 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-21 09:24:40
(3 weeks ago)
Excessive 404/403 errors
Brute-Force
๐ณ๐ฑ
Brict IT
2026-06-20 20:50:33
(3 weeks ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 10:07:36
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 06:07:31.117129 2026] [security2:error] [pid 24471:tid 24471] [client 66.179.191.163:45422] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.midway-island.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.midway-island.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajUU44UaZPP-cFSkBDUWvgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 09:51:18
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 05:51:14.473011 2026] [security2:error] [pid 672:tid 672] [client 66.179.191.163:43724] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dragonflytunes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dragonflytunes.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajUREpSz0uBu1TnpjjvBEgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-19 06:42:59
(4 weeks ago)
[redacted] 66.179.191.163 - - [19/Jun/2026:08:42:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" " ...
show more
[redacted] 66.179.191.163 - - [19/Jun/2026:08:42:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:82.0) Gecko/20100101 Firefox/82.0"
[redacted] 66.179.191.163 - - [19/Jun/2026:08:42:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0"
[redacted] 66.179.191.163 - - [19/Jun/2026:08:42:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0"
[redacted] 66.179.191.163 - - [19/Jun/2026:08:42:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0"
[redacted] 66.179.191.163 - - [19/Jun/2026:08:42:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0"
[redacted] 66.179.191.163 - - [19/Jun/2026:08:42:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (
...
show less
Hacking
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-18 22:33:43
(4 weeks ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 21:34:35
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 17:34:30.455052 2026] [security2:error] [pid 3021:tid 3021] [client 66.179.191.163:32822] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.disio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.disio.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajRkZovSJdkfRU4O_vYpPwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
reznekcs
2026-06-18 20:40:23
(4 weeks ago)
F2B wordpress ban. Logs: 66.179.191.163 - - [18/Jun/2026:22:40:21 +0200] "POST /xmlrpc.php HTTP/1.1" ...
show more
F2B wordpress ban. Logs: 66.179.191.163 - - [18/Jun/2026:22:40:21 +0200] "POST /xmlrpc.php HTTP/1.1" 200 420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0"
66.179.191.163 - - [18/Jun/2026:22:40:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:42.0) Gecko/20100101 Firefox/42.0"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 03:23:45
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 66.179.191.163 (ip66-179-191-163.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 23:23:40.064408 2026] [security2:error] [pid 17255:tid 17255] [client 66.179.191.163:36366] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||solarfarms.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "solarfarms.info"] [uri "/wp-json/wp/v2/users"] [unique_id "ajNkvNNattf7_epshPqhsQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
mondor.ro
2026-06-18 02:38:26
(1 month ago)
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 66.179.191.163, Reason ...
show more
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 66.179.191.163, Reason:[(XMLRPC) WP XMLPRC Attack 66.179.191.163 (US/United States/ip66-179-191-163.pbiaas.com): 10 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs:
show less
Port Scan
๐ซ๐ท
SpaceHost-Server
2026-06-17 22:33:12
(1 month ago)
Brute-Force
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-16 22:30:56
(1 month ago)
Brute-Force
Web App Attack