๐บ๐ธ
nyt
2026-07-13 12:36:42
(11 minutes ago)
Brute-Force, Web App Attack, suspicious: WP login POST blocked by WAF
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 10:47:04
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 06:46:56.394535 2026] [security2:error] [pid 27581:tid 27581] [client 157.245.146.32:54284] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||televisonic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "televisonic.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alTCIO5BrB91ZwjJ9ciOBgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 09:13:34
(3 hours ago)
2026-07-13T11:13:34.080152+02:00 polaris wp(sahpa.co.za)[16102]: Blocked authentication attempt for ...
show more
2026-07-13T11:13:34.080152+02:00 polaris wp(sahpa.co.za)[16102]: Blocked authentication attempt for Lisa from 157.245.146.32
...
show less
Brute-Force
Web App Attack
๐ซ๐ท
solution.it
2026-07-12 14:27:02
(22 hours ago)
[Sun Jul 12 16:27:02.149357 2026] [php7:error] [pid 95188:tid 95188] [client 157.245.146.32:65080] s ...
show more
[Sun Jul 12 16:27:02.149357 2026] [php7:error] [pid 95188:tid 95188] [client 157.245.146.32:65080] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat, referer: https://solution.it/wp-admin/
show less
Web App Attack
Anonymous
2026-07-12 14:12:42
(22 hours ago)
157.245.146.32 - - [12/Jul/2026:16:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 2723 "https://www. ...
show more
157.245.146.32 - - [12/Jul/2026:16:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 2723 "https://www.learningladderzm.com/wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
157.245.146.32 - - [12/Jul/2026:16:11:04 +0200] "POST /wp-login.php HTTP/1.1" 200 2216 "https://www.learningladderzm.com/wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
157.245.146.32 - - [12/Jul/2026:16:11:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
157.245.146.32 - - [12/Jul/2026:16:11:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 206 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
157.245.146.32 - - [12/Jul/2026:16:12:41 +0200] "POST /wp-login.php HTTP/1.1" 200 2742 "http
...
show less
Brute-Force
Web App Attack
๐ฌ๐ง
consul.to
2026-07-12 13:32:19
(23 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 12:18:49
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 08:18:44.903070 2026] [security2:error] [pid 29569:tid 29569] [client 157.245.146.32:51873] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ssion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ssion.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alOGJO0ESfcM2ojV85avPQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ญ
MWA SOC
2026-07-12 12:18:41
(1 day ago)
Hacking
๐บ๐ธ
lostswordfish.com
2026-07-12 12:10:07
(1 day ago)
Wordfence waf block on fairregistry
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 10:34:40
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 06:34:35.882123 2026] [security2:error] [pid 26943:tid 26943] [client 157.245.146.32:50766] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.veneerdent.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.veneerdent.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alNtu69p_8_mahCdu3Wv4AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
electronico
2026-07-12 10:03:14
(1 day ago)
157.245.146.32 - - [12/Jul/2026:21:03:12 +1100] "GET /wp-login.php HTTP/1.1" 403 5922 "https://cttmd ...
show more
157.245.146.32 - - [12/Jul/2026:21:03:12 +1100] "GET /wp-login.php HTTP/1.1" 403 5922 "https://cttmd.nc/wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
157.245.146.32 - - [12/Jul/2026:21:03:12 +1100] "POST /wp-login.php HTTP/1.1" 403 2107 "https://cttmd.nc/wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
157.245.146.32 - - [12/Jul/2026:21:03:13 +1100] "GET /wp-admin/ HTTP/1.1" 302 448 "https://cttmd.nc/wp-admin/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 09:40:59
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 05:40:51.765213 2026] [security2:error] [pid 24648:tid 24648] [client 157.245.146.32:54838] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.goglobex.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.goglobex.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alNhI9Iw0myiIFo0iXAGJAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 09:01:30
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 05:01:23.452782 2026] [security2:error] [pid 23155:tid 23155] [client 157.245.146.32:64806] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.evolute.io|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.evolute.io"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alNX48VYSNz87OvVADRakwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Tilellit.PRO
2026-07-12 08:42:45
(1 day ago)
WP Armour Plugin detection
Web Spam
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-12 08:41:04
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 157.245.146.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 04:40:59.725438 2026] [security2:error] [pid 21717:tid 21717] [client 157.245.146.32:64921] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||804web.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "804web.net"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alNTGxStlBWP2aq3kY1yTgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack