πΊπΈ
TPI-Abuse
2026-06-29 06:39:08
(1 hour ago)
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:39:00.822643 2026] [security2:error] [pid 5235:tid 5235] [client 144.76.91.155:47770] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||brexitop.bamedica.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brexitop.bamedica.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akITBCm0IbusOinNmSXkSwAAAFw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 04:24:37
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:24:32.467012 2026] [security2:error] [pid 17624:tid 17624] [client 144.76.91.155:38408] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||elgar.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "elgar.us"] [uri "/wp-json/wp/v2/users"] [unique_id "akHzgEw0QRSZlJZCEHS6WgAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 01:28:03
(6 hours ago)
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:27:56.604662 2026] [security2:error] [pid 28775:tid 28775] [client 144.76.91.155:55894] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||arkqp.kreweofhyatt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arkqp.kreweofhyatt.com"] [uri "/wp-json/wp/v2/users/5"] [unique_id "akHKHFYyP7aGxyYXdlCPuAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 20:16:58
(11 hours ago)
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:16:54.124604 2026] [security2:error] [pid 12624:tid 12624] [client 144.76.91.155:46508] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||robinsnestingplace.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "robinsnestingplace.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akGBNlisHmsAhbpTBnl3ywAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-28 19:50:44
(12 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 15:33:53
(16 hours ago)
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 11:33:48.463217 2026] [security2:error] [pid 12462:tid 12462] [client 144.76.91.155:35986] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||edmestonfd.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "edmestonfd.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akE-3N5xMT2EvCeEnNgU-AAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 14:37:24
(17 hours ago)
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 10:37:20.126829 2026] [security2:error] [pid 11093:tid 11107] [client 144.76.91.155:48380] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||utahhoaservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "utahhoaservices.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akExoKDi5hZcr6iqn65kNgAAAUo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 13:11:28
(18 hours ago)
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 09:11:21.603148 2026] [security2:error] [pid 4868:tid 4868] [client 144.76.91.155:33250] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||certifiedfarmersmarkets.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "certifiedfarmersmarkets.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akEdec_elS4I-idLrOj5JQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
ger-stg-sifi1
2026-06-28 00:16:44
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
π«π·
tecnicorioja
2026-06-27 22:00:44
(1 day ago)
wp-login attack [27/Jun/2026:21:04:22
Brute-Force
Web App Attack
π²πΉ
Malta
2026-06-27 02:55:11
(2 days ago)
144.76.91.155 - - [27/Jun/2026:04:55:10 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ...
show more
144.76.91.155 - - [27/Jun/2026:04:55:10 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
π·π΄
SpamStopper
2026-06-21 22:34:31
(1 week ago)
Fail2Ban - WP Spoofing
Port Scan
Brute-Force
Web App Attack
π²π½
octageeks.com
2026-06-20 04:15:12
(1 week ago)
Wordpress malicious attack:[octaflood]
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-20 01:09:11
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.you ...
show more
(mod_security) mod_security (id:225170) triggered by 144.76.91.155 (static.155.91.76.144.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 21:09:05.276577 2026] [security2:error] [pid 26091:tid 26091] [client 144.76.91.155:60448] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dancingbearprinting.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dancingbearprinting.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ajXoMZVx9E8IwYxw7YeWGQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-19 21:24:02
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack