๐บ๐ธ
TPI-Abuse
2026-06-28 22:48:59
(7 hours ago)
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 18:48:43.585913 2026] [security2:error] [pid 1635:tid 1635] [client 163.223.227.37:49050] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||paulshorrock.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "paulshorrock.com"] [uri "/wp-json/wp/v2/users/7"] [unique_id "akGkyx8AA9I4YqWx4fMgNgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-26 04:13:42
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 03:00:33
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 23:00:16.318809 2026] [security2:error] [pid 17098:tid 17098] [client 163.223.227.37:34490] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jennyfiore.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jennyfiore.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj3rQDnZLI6chaWn7JdPsQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 01:46:27
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 21:46:13.842422 2026] [security2:error] [pid 5976:tid 5980] [client 163.223.227.37:43974] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||colegiopiramide.edu.gt.datascan-site.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "colegiopiramide.edu.gt.datascan-site.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj3Z5apy_OxlyvtvJffBwgAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 03:07:08
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 23:06:53.818854 2026] [security2:error] [pid 1520:tid 1520] [client 163.223.227.37:45006] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||zerotaxlab.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zerotaxlab.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajybTQPaz7_EUMVPIrlbwwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-25 02:31:32
(4 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-23 13:31:42
(5 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 00:03:09
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 20:02:54.156156 2026] [security2:error] [pid 15892:tid 15961] [client 163.223.227.37:59706] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||leadingedgesupply.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "leadingedgesupply.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ajXYrnw40AVnIraobSWsngAAAQk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 09:26:48
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 05:26:31.596746 2026] [security2:error] [pid 1849:tid 1849] [client 163.223.227.37:48430] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dev.cosplayculture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dev.cosplayculture.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajULR-jPPyhbSOzqLJldpgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 13:37:36
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 09:37:22.317951 2026] [security2:error] [pid 8083:tid 8083] [client 163.223.227.37:54742] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||brianwhitty.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brianwhitty.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiwLkgxF6zDxhrfwJRtw9AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-12 11:55:44
(2 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฒ๐น
Malta
2026-06-08 18:29:41
(2 weeks ago)
163.223.227.37 - - [08/Jun/2026:20:29:41 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Fedor ...
show more
163.223.227.37 - - [08/Jun/2026:20:29:41 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐บ๐ธ
freeutka
2026-06-08 15:07:45
(2 weeks ago)
WordPress brute-force login attempt on wp-login.php.
Brute-Force
Web App Attack
๐ฌ๐ง
spamverify.com
2026-06-07 16:51:25
(3 weeks ago)
Honeypot Hit: xmlrpc.php
Web Spam
Blog Spam
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 22:58:23
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.223.227.37 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 18:58:07.948364 2026] [security2:error] [pid 2092:tid 2116] [client 163.223.227.37:44358] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||giere.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "giere.us"] [uri "/wp-json/wp/v2/users"] [unique_id "aiSl_1g5oXYBM1n9dZtKbQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack