๐จ๐ญ
4server
2026-07-04 13:16:50
(7 hours ago)
[SatJul0415:16:42.9684052026][security2:error][pid2648018:tid2648065][client147.93.108.149:0]ModSecu ...
show more
[SatJul0415:16:42.9684052026][security2:error][pid2648018:tid2648065][client147.93.108.149:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"comarcosa.com\"][uri\"/wp-login.php\"][unique_id\"akkHuogMIHwTr7puxEYteQAAAI4\"]\,referer:https://comarcosa.com/wp-login.php
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 08:05:10
(12 hours ago)
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 04:05:03.605375 2026] [security2:error] [pid 4718:tid 4765] [client 147.93.108.149:56894] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mtiminis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mtiminis.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aki-ryD9CF-1Z5bEzcY-6wAAAFI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-04 06:49:35
(14 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 01:46:59
(19 hours ago)
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 21:46:53.977617 2026] [security2:error] [pid 11070:tid 11070] [client 147.93.108.149:39832] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||d365geek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "d365geek.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akhmDcbtLBMNEFByVdkuuwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:04:35
(23 hours ago)
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:04:32.266343 2026] [security2:error] [pid 21853:tid 21853] [client 147.93.108.149:60602] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ussthresher.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ussthresher.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akgj4FNxBtn2EP1yOmnKCQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:27:11
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:27:05.236474 2026] [security2:error] [pid 3731:tid 3731] [client 147.93.108.149:37696] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||stinsonbeachsurfandkayak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stinsonbeachsurfandkayak.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akgbGeb1Ilomn2mS3XDdkwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-02 15:27:35
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐จ๐ฟ
ptlab
2026-07-02 06:45:12
(2 days ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-02 03:18:03
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ซ๐ท
masterguru
2026-07-02 03:06:06
(2 days ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 147.93.108.149 (IN/India/srv900791.hstgr.clou ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 147.93.108.149 (IN/India/srv900791.hstgr.cloud): 1 in the last 3600 secs (0-195)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 19:32:50
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 15:32:43.418678 2026] [security2:error] [pid 4455:tid 4455] [client 147.93.108.149:40998] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kairoslogammakmur.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kairoslogammakmur.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akVrW9JKVpmG5ATMdDhyEgAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 15:19:33
(3 days ago)
Web attack blocked by Wordfence on kernoverlegsibbe-ijzeren.nl (1 hit). Reported by CRMON.
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-01 15:00:06
(3 days ago)
Wordfence waf block on madesimpleskincare
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 10:35:49
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 147.93.108.149 (srv900791.hstgr.cloud): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:35:45.838583 2026] [security2:error] [pid 1417:tid 1417] [client 147.93.108.149:38852] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bikinitweets.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bikinitweets.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTtgSY0iA4T44zklfzd7QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
floreriaexpress
2026-07-01 10:22:03
(3 days ago)
FakeADS-Anti: country:IN | https://mail.floreriaexpresschile.cl/wp-login.php
Bad Web Bot