๐บ๐ธ
NetVexor
2026-07-02 07:14:04
(1 day ago)
Attack source identified and submitted via NetVexor BGP Blackhole Network
Port Scan
Hacking
Brute-Force
๐ช๐ธ
librebit
2026-06-29 00:45:54
(4 days ago)
Brute force
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-23 23:03:56
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 19:03:50.586437 2026] [security2:error] [pid 31063:tid 31063] [client 170.168.30.25:10523] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||itre.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "itre.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajsQ1il6ogkg5rg7oku3UwAAACI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-12 22:37:08
(2 weeks ago)
WordPress wp-login.php Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ฎ
KnightIndustries
2026-05-26 15:45:11
(1 month ago)
2026-05-26T17:45:06.313524+02:00 milkyway wordpress(oldscarborough.com)[1271190]: Authentication att ...
show more
2026-05-26T17:45:06.313524+02:00 milkyway wordpress(oldscarborough.com)[1271190]: Authentication attempt for unknown user [email protected] from 170.168.30.25
2026-05-26T17:45:08.650080+02:00 milkyway wordpress(oldscarborough.com)[1271190]: Authentication attempt for unknown user jfawcett1998 from 170.168.30.25
2026-05-26T17:45:10.625765+02:00 milkyway wordpress(oldscarborough.com)[1271190]: Authentication attempt for unknown user admin from 170.168.30.25
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-21 09:41:46
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 05:41:39.110576 2026] [security2:error] [pid 13730:tid 13730] [client 170.168.30.25:45747] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kennedysplace.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kennedysplace.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag7TU7MyvCTa6FgtL6IDhgAAABM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-13 04:13:49
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 13 00:13:41.541994 2026] [security2:error] [pid 24180:tid 24180] [client 170.168.30.25:61029] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ecomim.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ecomim.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agP6dRa_EKTxb4XrHJ4Z_wAAAAY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-06 09:46:41
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 05:46:37.760154 2026] [security2:error] [pid 20285:tid 20285] [client 170.168.30.25:64309] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||kaplankrew.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "kaplankrew.com"] [uri "/"] [unique_id "afsN_Yjn-NaS0mGKmEji5QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
ptlab
2026-04-21 00:53:50
(2 months ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-18 06:48:09
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 02:48:03.839682 2026] [security2:error] [pid 3036987:tid 3036987] [client 170.168.30.25:33031] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pcoecsi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pcoecsi.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeMpI6ltiu6o8lftWv2EUwAAAAE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-03-26 01:58:28
(3 months ago)
WordPress login attempt
Brute-Force
๐บ๐ธ
kosada.com
2026-03-25 01:47:28
(3 months ago)
Web vulnerability probing: /xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-24 23:26:40
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 19:26:36.005428 2026] [security2:error] [pid 22726:tid 22726] [client 170.168.30.25:24221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||austingrammer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "austingrammer.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acMdrOufAvS-zPJqQPee4QAAAAA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-23 10:09:30
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 06:09:24.016109 2026] [security2:error] [pid 1724:tid 1724] [client 170.168.30.25:24855] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wave94.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wave94.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acERVG6BZU5hHJz0REHnxgAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-22 12:28:01
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.30.25 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 08:27:58.205496 2026] [security2:error] [pid 25648:tid 25648] [client 170.168.30.25:31569] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||vaezi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vaezi.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ab_gTvrG73wlGMKs8VnCjQAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack