|
๐ซ๐ท
dynamix
|
|
WordPress XMLRPC Brute Force Attack
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 17:45:38.665503 2026] [security2:error] [pid 22617:tid 22617] [client 88.208.227.132:57596] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bickleton.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bickleton.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajmtAiaG0kUMkgM78SCxvQAAABU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 11:51:39.333876 2026] [security2:error] [pid 15885:tid 15885] [client 88.208.227.132:47842] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.batesstrategygroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.batesstrategygroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajlaC9hheqHAKcV-6dMlwAAAACM"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
[redacted] 88.208.227.132 - - [22/Jun/2026:11:53:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 230 "-" " ...
show more
[redacted] 88.208.227.132 - - [22/Jun/2026:11:53:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 230 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0"
[redacted] 88.208.227.132 - - [22/Jun/2026:11:53:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 230 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0"
[redacted] 88.208.227.132 - - [22/Jun/2026:11:53:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 230 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0"
[redacted] 88.208.227.132 - - [22/Jun/2026:11:53:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 230 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0"
[redacted] 88.208.227.132 - - [22/Jun/2026:11:53:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 230 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0"
[redacted] 88.208.227.132 - - [22/Jun/2026:11:53:40 +0200] "POST /xmlrpc.php HTTP/1.1" 20
...
show less
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 03:37:28.106606 2026] [security2:error] [pid 2573:tid 2573] [client 88.208.227.132:40240] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.budgetbyron.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.budgetbyron.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajjmOFZjbSkfbB4T97ZF-AAAABs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ซ๐ท
dynamix
|
|
WordPress XMLRPC Brute Force Attack
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 12:17:46.449374 2026] [security2:error] [pid 6856:tid 6856] [client 88.208.227.132:49990] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.wholesalelivelobsters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wholesalelivelobsters.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajgOqko31AHB7H3d1gcHYgAAABY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 11:44:22.729776 2026] [security2:error] [pid 9330:tid 9330] [client 88.208.227.132:54378] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.j3pr.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.j3pr.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajgG1gns6cT3rjdatE7d1AAAABY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ซ๐ท
SpaceHost-Server
|
|
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 05:26:34.319326 2026] [security2:error] [pid 5479:tid 5567] [client 88.208.227.132:41786] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pref-realestate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pref-realestate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajZcyq3UV9DJkaVdFuBwRwAAAMs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
[redacted] 88.208.227.132 - - [20/Jun/2026:10:36:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" " ...
show more
[redacted] 88.208.227.132 - - [20/Jun/2026:10:36:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0"
[redacted] 88.208.227.132 - - [20/Jun/2026:10:36:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0"
[redacted] 88.208.227.132 - - [20/Jun/2026:10:36:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:51.0) Gecko/20100101 Firefox/51.0"
[redacted] 88.208.227.132 - - [20/Jun/2026:10:36:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0"
[redacted] 88.208.227.132 - - [20/Jun/2026:10:36:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:40.0) Gecko/20100101 Firefox/40.0"
[redacted] 88.208.227.132 - - [20/Jun/2026:10:36:01 +0200] "POST /xmlrpc.php HTTP/1
...
show less
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:09:42.440472 2026] [security2:error] [pid 5460:tid 5460] [client 88.208.227.132:42038] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.concentricsteel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.concentricsteel.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajZKxr639UkmoxwSw_vqxwAAACA"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 18:54:51.271114 2026] [security2:error] [pid 7207:tid 7207] [client 88.208.227.132:56506] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.ruthbalser.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ruthbalser.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajXIu6O9lPGFo5YHUjvSJwAAAA8"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 03:13:05.484848 2026] [security2:error] [pid 8198:tid 8198] [client 88.208.227.132:40256] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.uphillfarmvt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.uphillfarmvt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajOagQ7O2s3ctBjflxY6BQAAACE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the la ...
show more
(mod_security) mod_security (id:225170) triggered by 88.208.227.132 (londonminibus.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 07:47:17.870058 2026] [security2:error] [pid 31070:tid 31070] [client 88.208.227.132:44218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bolivarbulletintimes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bolivarbulletintimes.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajKJRTMToKFTzG9eIJQWOwAAACQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|