๐บ๐ธ
TPI-Abuse
2026-07-05 15:07:49
(42 minutes ago)
(mod_security) mod_security (id:225170) triggered by 104.248.158.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 104.248.158.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 11:07:45.200774 2026] [security2:error] [pid 31685:tid 31685] [client 104.248.158.185:51219] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||televisonic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "televisonic.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akpzQVg8MJDA8UB6ooeExAAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
LRob
2026-07-05 14:57:43
(52 minutes ago)
CrowdSec: lrob/wp-xmlrpc-bf | req: ["/xmlrpc.php"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) ...
show more
CrowdSec: lrob/wp-xmlrpc-bf | req: ["/xmlrpc.php"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"]
show less
Brute-Force
Web App Attack
Anonymous
2026-07-05 14:51:05
(59 minutes ago)
2026-07-05T16:51:05.039142+02:00 polaris wp(sahpa.co.za)[108055]: Blocked authentication attempt for ...
show more
2026-07-05T16:51:05.039142+02:00 polaris wp(sahpa.co.za)[108055]: Blocked authentication attempt for LisaNcube from 104.248.158.185
...
show less
Brute-Force
Web App Attack
๐ง๐ช
taivas.nl
2026-07-05 14:32:12
(1 hour ago)
Wordpress_xmlrpc_attack
Bad Web Bot
๐ฌ๐ง
consul.to
2026-07-05 14:28:32
(1 hour ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
oralunal
2026-07-05 14:08:00
(1 hour ago)
IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds
...
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 22:45:57
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 104.248.158.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 104.248.158.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 18:45:53.060627 2026] [security2:error] [pid 21843:tid 21843] [client 104.248.158.185:58305] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||veneerdent.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "veneerdent.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akGkIa3y8jT7KIQ7G9a72wAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-28 22:30:05
(6 days ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐บ๐ธ
agenciahypelab.com.br
2026-06-28 22:27:52
(6 days ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
๐ง๐ช
Saec
2026-06-28 20:30:07
(6 days ago)
Jarvis auto-ban: CF honeypot path /xmlrpc.php (2ร on saec.me)
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 20:12:19
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 104.248.158.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 104.248.158.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:12:12.775526 2026] [security2:error] [pid 16197:tid 16197] [client 104.248.158.185:59678] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ssion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ssion.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akGAHJSWsBzM7uhVmKeTZQAAAAc"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
tilellit.pro
2026-06-28 07:47:08
(1 week ago)
Fail2Ban banned 104.248.158.185 for security violations in jail wp-armour. Log: 2026/06/28 07:47:07 ...
show more
Fail2Ban banned 104.248.158.185 for security violations in jail wp-armour. Log: 2026/06/28 07:47:07 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 104.248.158.185 | Target: wplogin" , client: 104.248.158.185, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-admin/"
...
show less
Web Spam
๐น๐ท
baku.hosting
2026-06-28 07:36:14
(1 week ago)
CSF Auto Report: (cpanel) Failed cPanel login from 104.248.158.185 (SG/Singapore/-): 4 in the last 3 ...
show more
CSF Auto Report: (cpanel) Failed cPanel login from 104.248.158.185 (SG/Singapore/-): 4 in the last 3600 secs
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 07:33:07
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 104.248.158.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 104.248.158.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 03:33:02.455492 2026] [security2:error] [pid 18589:tid 18589] [client 104.248.158.185:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hvacs-aircon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hvacs-aircon.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akDOLogfhZSn4xo5ZL0EtgAAAAY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-06-28 05:40:02
(1 week ago)
Web attack/malicious scanning detected
Web App Attack