๐ฌ๐ง
consul.to
2026-06-29 19:24:44
(3 days ago)
Web attack/malicious scanning detected
Web App Attack
๐ฉ๐ช
findlab
2026-06-26 12:05:02
(6 days ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 17:56:40
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 83.59.200.81 (81.red-83-59-200.dynamicip.rima-t ...
show more
(mod_security) mod_security (id:225170) triggered by 83.59.200.81 (81.red-83-59-200.dynamicip.rima-tde.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 13:56:36.879419 2026] [security2:error] [pid 14762:tid 14762] [client 83.59.200.81:58026] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||drbolen.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "drbolen.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajwaVCKZPJXh795tsc0L3wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
stinpriza
2026-06-23 17:16:37
(1 week ago)
Web App Attack
Web App Attack
๐ท๐ด
INTEQ
2026-06-21 15:59:32
(1 week ago)
Web attack from 83.59.200.81
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 15:56:27
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 83.59.200.81 (81.red-83-59-200.dynamicip.rima-t ...
show more
(mod_security) mod_security (id:225170) triggered by 83.59.200.81 (81.red-83-59-200.dynamicip.rima-tde.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 11:56:22.447301 2026] [security2:error] [pid 26611:tid 26611] [client 83.59.200.81:60334] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||paguilar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "paguilar.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajgJpvIdJko0_IRwXdxj-gAAADk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-21 12:29:43
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-06-18 12:48:14
(2 weeks ago)
(wordpress) Failed wordpress login from 83.59.200.81 (ES/Spain/81.red-83-59-200.dynamicip.rima-tde.n ...
show more
(wordpress) Failed wordpress login from 83.59.200.81 (ES/Spain/81.red-83-59-200.dynamicip.rima-tde.net)
show less
Brute-Force
๐ฆ๐บ
screwlooseit.com.au
2026-06-13 12:04:15
(2 weeks ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
ES/Spain/81.red-83-59-200.dynamicip.rima-tde.net
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-13 04:21:33
(2 weeks ago)
Wordpress malicious attack:[octaxmlrpc]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 14:56:46
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 83.59.200.81 (81.red-83-59-200.dynamicip.rima-t ...
show more
(mod_security) mod_security (id:225170) triggered by 83.59.200.81 (81.red-83-59-200.dynamicip.rima-tde.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 10:56:42.060167 2026] [security2:error] [pid 22288:tid 22288] [client 83.59.200.81:65498] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tedharris.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tedharris.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiweKl-d0EHfIk11hTOppAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-08 00:06:03
(3 weeks ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (11/60 min)'; Requests=11
Port Scan
๐ฉ๐ช
LRob
2026-06-08 00:00:27
(3 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ฉ๐ช
Marc
2026-06-06 12:58:07
(3 weeks ago)
83.59.200.81 - - [06/Jun/2026:14:57:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3299 "-" "Mozilla/5.0 ...
show more
83.59.200.81 - - [06/Jun/2026:14:57:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3299 "-" "Mozilla/5.0 (Linux; Android 10; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/10.0.0.0 Safari/537.36" 83.59.200.81 - - [06/Jun/2026:14:57:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3299 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/70.0.0.0 Safari/537.36" 83.59.200.81 - - [06/Jun/2026:14:58:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3298 "-" "Mozilla/5.0 (Windows NT 10.0; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.0.0 Safari/537.36"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-05 14:37:17
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 83.59.200.81 (81.red-83-59-200.dynamicip.rima-t ...
show more
(mod_security) mod_security (id:225170) triggered by 83.59.200.81 (81.red-83-59-200.dynamicip.rima-tde.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 10:37:13.049513 2026] [security2:error] [pid 9017:tid 9017] [client 83.59.200.81:52507] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||allotrope.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "allotrope.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiLfGWeE2CV0aTMyG-P0JgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack