๐บ๐ธ
TPI-Abuse
2026-06-28 21:10:58
(43 minutes ago)
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:10:53.837862 2026] [security2:error] [pid 30702:tid 30702] [client 168.119.248.117:54142] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||snowrideadventures.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "snowrideadventures.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akGN3cuXx90WRU9vYpoaMgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
omc
2026-06-28 20:45:53
(1 hour ago)
Banned IP [QC]. GET /wordpress/xmlrpc.php [Q4].
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-28 20:34:43
(1 hour ago)
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:34:38.755890 2026] [security2:error] [pid 21100:tid 21100] [client 168.119.248.117:49974] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||puckerbikinis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "puckerbikinis.com"] [uri "/wp-json/wp/v2/users/7"] [unique_id "akGFXqZuCkl6hRbiX3L4aQAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 19:55:10
(1 hour ago)
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 15:55:03.499899 2026] [security2:error] [pid 1388:tid 1472] [client 168.119.248.117:48654] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||maroontribe.philacentric.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "maroontribe.philacentric.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akF8F29G7YPEwoIDSiENHgAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 17:59:38
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 13:59:34.762924 2026] [security2:error] [pid 4388:tid 4388] [client 168.119.248.117:60578] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||adona.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "adona.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akFhBlOe8E6gvmpMHx9A1AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-06-28 17:44:42
(4 hours ago)
stkildashule.org.au:443 168.119.248.117 - - [29/Jun/2026:03:44:40 +1000] "GET /?author=5&feed=rss2 H ...
show more
stkildashule.org.au:443 168.119.248.117 - - [29/Jun/2026:03:44:40 +1000] "GET /?author=5&feed=rss2 HTTP/1.1" 404 48890 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-28 17:40:25
(4 hours ago)
(y3) Failed access -byebye- from 168.119.248.117 (DE/Germany/static.117.248.119.168.clients.your-ser ...
show more
(y3) Failed access -byebye- from 168.119.248.117 (DE/Germany/static.117.248.119.168.clients.your-server.de): (CF_ENABLE)
show less
Hacking
๐บ๐ธ
ambor
2026-06-28 17:02:46
(4 hours ago)
Honeypot triggered: /wp-json/wp/v2/users on ifebridge.com. User-Agent: Mozilla/5.0 (Windows NT 10.0; ...
show more
Honeypot triggered: /wp-json/wp/v2/users on ifebridge.com. User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36. Method: GET
show less
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-06-28 16:48:06
(5 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 16:30:32
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 12:30:14.104970 2026] [security2:error] [pid 28866:tid 28866] [client 168.119.248.117:57626] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ussthresher.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ussthresher.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akFMFdnh_LqXtU18FYhlRwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-06-28 15:28:30
(6 hours ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-06-28 15:13:59
(6 hours ago)
balcomberetreat.com.au:443 168.119.248.117 - - [29/Jun/2026:01:13:57 +1000] "GET /?author=4 HTTP/1.1 ...
show more
balcomberetreat.com.au:443 168.119.248.117 - - [29/Jun/2026:01:13:57 +1000] "GET /?author=4 HTTP/1.1" 404 3803 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 15:13:38
(6 hours ago)
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 11:13:31.544175 2026] [security2:error] [pid 29276:tid 29276] [client 168.119.248.117:43850] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gegkal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gegkal.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akE6GwW3MypzH1p_xnRJbQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
filstal.org
2026-06-28 15:06:17
(6 hours ago)
WordPress login brute-force detected.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 14:47:07
(7 hours ago)
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 168.119.248.117 (static.117.248.119.168.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 10:46:59.373342 2026] [security2:error] [pid 16071:tid 16071] [client 168.119.248.117:36306] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tcit.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tcit.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akEz438qrgKUfkB_oZYiRAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack