๐ณ๐ฑ
wlt-blocker
2026-07-09 23:54:48
(10 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐จ๐ด
adalbertoreyes.org
2026-07-09 17:45:43
(16 hours ago)
CategoryPortScan
Port Scan
Anonymous
2026-07-09 00:18:47
(1 day ago)
(wordpress) Failed wordpress login from 85.60.52.84 (ES/Spain/84.pool85-60-52.dynamic.orange.es)
Brute-Force
๐ณ๐ฑ
wlt-blocker
2026-07-08 17:19:29
(1 day ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:19:50
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es) ...
show more
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:19:41.873584 2026] [security2:error] [pid 29880:tid 29880] [client 85.60.52.84:61858] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||velocitymech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "velocitymech.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akgnbdBJf3aX7ABRd5Hi_gAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-03 19:48:18
(6 days ago)
Unauthorized access to webpage admin
Web App Attack
๐จ๐ญ
4server
2026-07-03 18:22:51
(6 days ago)
[FriJul0320:22:46.0600562026][security2:error][pid3092406:tid3092911][client85.60.52.84:0]ModSecurit ...
show more
[FriJul0320:22:46.0600562026][security2:error][pid3092406:tid3092911][client85.60.52.84:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"sesael.ch\"][uri\"/xmlrpc.php\"][unique_id\"akf99oQMRPMG_ERkolQvgAAAAEg\"]
show less
Hacking
Web App Attack
๐บ๐ธ
Penny Packer
2026-07-02 18:17:37
(1 week ago)
Fail2Ban apache-tripwires
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 21:33:09
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es) ...
show more
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:33:01.935068 2026] [security2:error] [pid 25077:tid 25077] [client 85.60.52.84:51300] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ashleycroft.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ashleycroft.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akWHjU7BtkHWZqY-hETziwAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-07-01 20:07:07
(1 week ago)
[WedJul0122:07:02.7909982026][security2:error][pid1407577:tid1407734][client85.60.52.84:0]ModSecurit ...
show more
[WedJul0122:07:02.7909982026][security2:error][pid1407577:tid1407734][client85.60.52.84:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"4host.biz\"][uri\"/xmlrpc.php\"][unique_id\"akVzZvCsNcFQo-X4L-U1VwAAABY\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 18:19:47
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es) ...
show more
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 14:19:40.691758 2026] [security2:error] [pid 24143:tid 24143] [client 85.60.52.84:49678] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||montidaunitour.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "montidaunitour.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akQIvJdleV5skL9MXuygqQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
DocNetzwerk
2026-06-29 20:08:42
(1 week ago)
(wordpress) Failed wordpress login from 85.60.52.84 (ES/Spain/84.pool85-60-52.dynamic.orange.es)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 01:35:01
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es) ...
show more
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:34:54.910817 2026] [security2:error] [pid 10350:tid 10350] [client 85.60.52.84:57206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||exhaustthelimits.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "exhaustthelimits.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akHLvk5XMfRLQ-cIzvl9BAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-28 23:30:17
(1 week ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 21:27:00
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es) ...
show more
(mod_security) mod_security (id:225170) triggered by 85.60.52.84 (84.pool85-60-52.dynamic.orange.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:26:56.013634 2026] [security2:error] [pid 14464:tid 14498] [client 85.60.52.84:54766] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||captechinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "captechinc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akGRoNncOr2G8IDnYOrdPQAAAJg"]
show less
Brute-Force
Bad Web Bot
Web App Attack