๐บ๐ธ
TPI-Abuse
2026-07-03 12:16:56
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast ...
show more
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:16:49.320997 2026] [security2:error] [pid 22870:tid 22870] [client 18.140.155.100:58470] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||iconbizpromo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "iconbizpromo.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akeoMb74aUWOIeFJsrA66gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:54:09
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast ...
show more
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:54:03.608643 2026] [security2:error] [pid 18387:tid 18387] [client 18.140.155.100:34448] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tileoptima.mooseled.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tileoptima.mooseled.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akei257Idw8RvmzhozAUUAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:04:57
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast ...
show more
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:04:54.162969 2026] [security2:error] [pid 4576:tid 4576] [client 18.140.155.100:35372] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||marcosbarraza.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marcosbarraza.net"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akeXVnyDwj_1C8jyXSxUtwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 10:33:37
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast ...
show more
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 06:33:29.658141 2026] [security2:error] [pid 21352:tid 21367] [client 18.140.155.100:55710] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||executiveconsultingpr.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "executiveconsultingpr.com"] [uri "/wp-json/wp/v2/users/3"] [unique_id "akeP-b1kTYBbwThIBss0gQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 10:18:19
(6 days ago)
2026-07-03T12:18:18.348365+02:00 aion wordpress[1449929]: Blocked user enumeration attempt from 18.1 ...
show more
2026-07-03T12:18:18.348365+02:00 aion wordpress[1449929]: Blocked user enumeration attempt from 18.140.155.100
...
show less
Hacking
Brute-Force
๐จ๐ฆ
polycoda
2026-07-03 10:03:08
(6 days ago)
๐ Probes for wp-login.php and other inexistent URLs
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 09:50:27
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast ...
show more
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 05:50:19.808141 2026] [security2:error] [pid 20816:tid 20816] [client 18.140.155.100:48428] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||persnicketyinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "persnicketyinc.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akeF22FdEbnHv7Naog_qWQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
AvonleaConsulting
2026-07-03 09:24:52
(6 days ago)
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
Bad Web Bot
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-07-03 09:23:21
(6 days ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-03 09:20:35
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast ...
show more
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 05:20:30.878502 2026] [security2:error] [pid 21543:tid 21543] [client 18.140.155.100:41216] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||495metro.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "495metro.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akd-3iuF1bRRTbX1jO2ARwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-03 09:14:44
(6 days ago)
Try to access /blog/xmlrpc.php
Web App Attack
๐ง๐ช
cmbplf
2026-07-03 09:07:49
(6 days ago)
724 requests to many distinct domains in 1 hour (2w2d15h)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-03 08:04:02
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast ...
show more
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:03:55.934955 2026] [security2:error] [pid 8858:tid 8858] [client 18.140.155.100:51756] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sp.cloudex.link|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sp.cloudex.link"] [uri "/wp-json/wp/v2/users"] [unique_id "akds60pjSmf7a70fPUGnEAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-03 08:00:43
(6 days ago)
WordPress author enumeration
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 07:05:24
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast ...
show more
(mod_security) mod_security (id:225170) triggered by 18.140.155.100 (ec2-18-140-155-100.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:05:16.913710 2026] [security2:error] [pid 10203:tid 10203] [client 18.140.155.100:51222] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||directcch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "directcch.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akdfLNyWLGKUsXb0Kk10_AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack