๐จ๐ฆ
Dolphi
2026-06-22 14:50:02
(2 weeks ago)
Excessive POST /wp-login.php requests
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 22:39:11
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 18:39:06.204324 2026] [security2:error] [pid 20789:tid 20789] [client 103.127.135.164:60854] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.haverhillhouse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.haverhillhouse.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajhoCpZFaHxW5lNWCJv9rgAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 19:36:42
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 15:36:34.021976 2026] [security2:error] [pid 24001:tid 24001] [client 103.127.135.164:36852] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.brushmileage.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.brushmileage.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajg9QryIR6vJ-xy_ip-DOQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 19:46:15
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 15:46:09.954704 2026] [security2:error] [pid 28665:tid 28665] [client 103.127.135.164:50496] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.jesussotoca.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.jesussotoca.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajbuAWLwg4fMmJt90d6H3wAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-10 15:56:49
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 11:56:41.854459 2026] [security2:error] [pid 1919:tid 1919] [client 103.127.135.164:46426] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||adona.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "adona.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aimJOcv-HBvWGjiX97xEogAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-10 14:56:10
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 10:56:05.963484 2026] [security2:error] [pid 6772:tid 6772] [client 103.127.135.164:39692] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||realdesigninterior.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "realdesigninterior.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ail7BTiCht3BmvW7T2oPCgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-10 09:13:33
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 05:13:26.396940 2026] [security2:error] [pid 1481:tid 1481] [client 103.127.135.164:48788] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.majesticsolutions.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.majesticsolutions.co"] [uri "/wp-json/wp/v2/users"] [unique_id "aikqtq5xL0dJE-yDOHLxWwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 23:31:27
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 19:31:21.877884 2026] [security2:error] [pid 3533:tid 3533] [client 103.127.135.164:55284] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.whodatnation.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.whodatnation.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiiiSZ3tY_J9l-rjsdqPawAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 15:31:26
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 11:31:20.772298 2026] [security2:error] [pid 4168:tid 4168] [client 103.127.135.164:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||local639.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "local639.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aigxyK1stD6VR1fAOUOY6AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 11:32:03
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:31:55.122038 2026] [security2:error] [pid 7490:tid 7510] [client 103.127.135.164:38262] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cynosureinternetservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cynosureinternetservices.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aif5q4tc2BqobXNTFh7FrwAAAJE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 07:36:23
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 03:36:15.232029 2026] [security2:error] [pid 21128:tid 21128] [client 103.127.135.164:49534] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.tonytremblayauthor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.tonytremblayauthor.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aifCbw3RDxsaswkLHdjy8AAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-06-08 01:59:38
(4 weeks ago)
(wp_login_try) srv103 WP Login Attempt 103.127.135.164 (ID/Indonesia/ip-164-135-127-103.wjv-1.biznet ...
show more
(wp_login_try) srv103 WP Login Attempt 103.127.135.164 (ID/Indonesia/ip-164-135-127-103.wjv-1.biznetg.io): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 06:09:49
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 02:09:43.771677 2026] [security2:error] [pid 22223:tid 22223] [client 103.127.135.164:44022] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ubuciko.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ubuciko.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiO5p0_dX9JcrCN38jhXUwAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-05 08:20:31
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 04:20:23.630206 2026] [security2:error] [pid 17759:tid 17798] [client 103.127.135.164:43346] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||daraluz.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "daraluz.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aiKGx8SNFUo6TFQ-3y_R0gAAAYY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 20:58:45
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.bizne ...
show more
(mod_security) mod_security (id:225170) triggered by 103.127.135.164 (ip-164-135-127-103.wjv-1.biznetg.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 16:58:36.984889 2026] [security2:error] [pid 30187:tid 30195] [client 103.127.135.164:53136] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rawhabitat.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rawhabitat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiHm_DE0rbSFnRBBVf2GAQAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack