๐บ๐ธ
TPI-Abuse
2026-07-09 22:02:38
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 18:02:31.703471 2026] [security2:error] [pid 12394:tid 12394] [client 170.168.172.19:21199] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sheargrafix.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sheargrafix.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alAad9WlpyPS8aWZd9WTtQAAAAU"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-02 21:15:11
(2 months ago)
PARMACOM WEBEXPLOIT 170.168.172.19 (170.168.172.19)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-24 16:28:37
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 24 12:28:33.247461 2026] [security2:error] [pid 11696:tid 11696] [client 170.168.172.19:51113] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kellenbarger.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kellenbarger.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeuaMe3BJ0j2bB3ZGoSGTwAAABM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-26 02:24:14
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 22:24:09.681480 2026] [security2:error] [pid 30657:tid 30657] [client 170.168.172.19:58087] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||webjemm.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "webjemm.net"] [uri "/wp-json/wp/v2/users"] [unique_id "acSYyQuFykLxWPL4xoTweQAAAAU"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ambor
2026-03-22 18:44:56
(3 months ago)
Honeypot access: WordPress admin access attempt. Path: /wp-login.php
Brute-Force
Web App Attack
๐บ๐ธ
ambor
2026-03-06 02:28:53
(4 months ago)
Honeypot triggered on tcpdata.com - Attempted to access /wp-login.php (wordpress_login). User-Agent: ...
show more
Honeypot triggered on tcpdata.com - Attempted to access /wp-login.php (wordpress_login). User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-02 12:47:43
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 02 07:47:35.654811 2026] [security2:error] [pid 13585:tid 13585] [client 170.168.172.19:53761] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||normteslaa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "normteslaa.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaWG561quSniny4rzmK-hQAAAAo"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-02-13 11:00:41
(4 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 170.168.172.19 (FR/France/-): 1 in ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 170.168.172.19 (FR/France/-): 1 in the last 3600 secs
show less
Web App Attack
Anonymous
2026-02-12 23:26:41
(4 months ago)
wordpress-trap
Web App Attack
๐ณ๐ฑ
i-turnradio.nl
2026-02-10 23:40:44
(5 months ago)
2026-02-11 00:40:44 (CET) ~ Blocked by abusescan risk assessment
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-01 12:00:53
(6 months ago)
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 01 07:00:50.571510 2026] [security2:error] [pid 7406:tid 7406] [client 170.168.172.19:44885] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jolankagroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aVZh8mh25QQLf2ldp7IV8wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
ofm-abuse
2025-12-31 06:33:14
(6 months ago)
Brute-force
...
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
F242
2025-12-27 09:08:05
(6 months ago)
Wordpress Login or XMLRPC abuse
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-26 15:20:27
(6 months ago)
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.172.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 26 10:20:24.401587 2025] [security2:error] [pid 14582:tid 14582] [client 170.168.172.19:57727] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||superlamb.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "superlamb.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aU6nuEHwuKdMiA_i7DOjpgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
SilverZippo
2025-12-26 13:51:00
(6 months ago)
Web App Attack
Web App Attack