๐บ๐ธ
TPI-Abuse
2026-07-09 23:25:45
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 122.8.94.250 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 122.8.94.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 19:25:38.777155 2026] [security2:error] [pid 10860:tid 10860] [client 122.8.94.250:65405] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||joycebrown.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "joycebrown.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alAt8qe6udjIp5-PzKDyewAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 15:14:24
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 122.8.94.250 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 122.8.94.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 11:14:18.820148 2026] [security2:error] [pid 22491:tid 22491] [client 122.8.94.250:48815] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||daruwala.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "daruwala.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajK5ymedHm5S-9ey2fkiHgAAAAA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-06-17 11:48:04
(4 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-06-14 16:07:37
(1 month ago)
WordPress login attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-13 09:20:00
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 122.8.94.250 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 122.8.94.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 05:19:56.487500 2026] [security2:error] [pid 5237:tid 5237] [client 122.8.94.250:23163] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mcthorpe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mcthorpe.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai0gvE1kj2Hb0ezFPC4SmQAAABY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-08 01:15:27
(1 month ago)
FPROCO WEBEXPLOIT 122.8.94.250 (122.8.94.250)
Web App Attack
๐จ๐ฆ
1gz
2026-06-03 10:15:29
(1 month ago)
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from CN.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /wp-login.php
UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-24 23:56:05
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 122.8.94.250 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 122.8.94.250 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 19:56:01.228649 2026] [security2:error] [pid 28840:tid 28840] [client 122.8.94.250:47667] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||waterjetsolutions.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "waterjetsolutions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahOQEUV9-8VbVMHrjf0_mgAAABM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ph
2026-03-18 23:04:31
(3 months ago)
Bad web bot attempting to run wp-login.php on non-WP site
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
kjaerulff
2026-03-07 12:25:09
(4 months ago)
Failed Wordpress login using wp-login.php
Web App Attack