๐ฉ๐ช
ghostwarriors
2026-07-16 08:20:30
(16 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 08:12:16
(16 hours ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-16 07:42:53
(17 hours ago)
(wordpress) Failed wordpress login from 79.177.135.27 (IL/Israel/bzq-79-177-135-27.red.bezeqint.net)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-16 07:42:26
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.n ...
show more
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 03:42:22.339820 2026] [security2:error] [pid 22401:tid 22412] [client 79.177.135.27:36682] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.177.135.27 (+1 hits since last alert)|hmpdecors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hmpdecors.com"] [uri "/xmlrpc.php"] [unique_id "aliLXvjr1RUkRhE1hvtNlQAAAMQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-14 13:07:18
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 17:50:43
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.n ...
show more
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 13:50:35.168425 2026] [security2:error] [pid 20296:tid 20296] [client 79.177.135.27:35946] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.177.135.27 (+1 hits since last alert)|iplayriichi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iplayriichi.com"] [uri "/xmlrpc.php"] [unique_id "alUla0TJhHAInku0jniykwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-13 13:49:13
(3 days ago)
(wordpress) Failed wordpress login from 79.177.135.27 (IL/Israel/bzq-79-177-135-27.red.bezeqint.net)
Brute-Force
๐บ๐ธ
nationaleventpros.com
2026-07-13 05:48:54
(3 days ago)
WordPress login attempt
Brute-Force
๐บ๐ธ
lostswordfish.com
2026-07-12 14:14:03
(4 days ago)
Wordfence waf block on ncrsol
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 09:08:38
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.n ...
show more
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 05:08:34.221105 2026] [security2:error] [pid 3279:tid 3279] [client 79.177.135.27:35228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.177.135.27 (+1 hits since last alert)|takeapawsboston.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "takeapawsboston.com"] [uri "/xmlrpc.php"] [unique_id "alNZktsn6r2uaw0p7zcSxQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 11:44:59
(1 week ago)
[redacted] 79.177.135.27 - - [09/Jul/2026:13:44:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 79.177.135.27 - - [09/Jul/2026:13:44:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 79.177.135.27 - - [09/Jul/2026:13:44:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)"
[redacted] 79.177.135.27 - - [09/Jul/2026:13:44:36 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 79.177.135.27 - - [09/Jul/2026:13:44:47 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 79.177.135.27 - - [09/Jul/2026:13:44:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 16:47:19
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.n ...
show more
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 12:47:13.275334 2026] [security2:error] [pid 832:tid 832] [client 79.177.135.27:34044] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.177.135.27 (+1 hits since last alert)|mariettacaseyclub.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mariettacaseyclub.org"] [uri "/xmlrpc.php"] [unique_id "ak5_EQG4t0SXHky6bBq4QwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 12:59:37
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.n ...
show more
(mod_security) mod_security (id:240335) triggered by 79.177.135.27 (bzq-79-177-135-27.red.bezeqint.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 08:59:32.858722 2026] [security2:error] [pid 22020:tid 22020] [client 79.177.135.27:35137] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 79.177.135.27 (+1 hits since last alert)|humbliaslaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "humbliaslaw.com"] [uri "/xmlrpc.php"] [unique_id "ak5JtANp_XwKOTZuLD4SaQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-08 12:57:55
(1 week ago)
(wordpress) Failed wordpress login from 79.177.135.27 (IL/Israel/bzq-79-177-135-27.red.bezeqint.net)
Brute-Force
๐ซ๐ท
dynamix
2026-07-07 15:33:27
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack