Anonymous
2026-06-22 14:11:34
(2 weeks ago)
[redacted] 185.104.44.47 - - [22/Jun/2026:16:11:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "M ...
show more
[redacted] 185.104.44.47 - - [22/Jun/2026:16:11:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:42.0) Gecko/20100101 Firefox/42.0"
[redacted] 185.104.44.47 - - [22/Jun/2026:16:11:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0"
[redacted] 185.104.44.47 - - [22/Jun/2026:16:11:31 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:98.0) Gecko/20100101 Firefox/98.0"
[redacted] 185.104.44.47 - - [22/Jun/2026:16:11:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96.0"
[redacted] 185.104.44.47 - - [22/Jun/2026:16:11:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 22:52:33
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 18:52:28.847532 2026] [security2:error] [pid 905:tid 905] [client 185.104.44.47:4522] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.citizensforsanity.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.citizensforsanity.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajhrLGeDx9u6zdf05trSygAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 14:15:16
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 10:15:10.386527 2026] [security2:error] [pid 27073:tid 27073] [client 185.104.44.47:22898] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||honigcpa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "honigcpa.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajVO7k5p1g5w1xhiMdrOkAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
R.G.
2026-06-19 09:44:44
(2 weeks ago)
(XMLRPCorWHATEVER) Get lost please 185.104.44.47 (UA/Ukraine/business-73.default-host.net): 3 in the ...
show more
(XMLRPCorWHATEVER) Get lost please 185.104.44.47 (UA/Ukraine/business-73.default-host.net): 3 in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 12:45:48
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 08:45:44.464124 2026] [security2:error] [pid 26269:tid 26269] [client 185.104.44.47:57576] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.ruthbalser.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ruthbalser.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajPoeCn8D23eG-15-lVPYgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 05:45:11
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 01:45:04.812082 2026] [security2:error] [pid 8263:tid 8263] [client 185.104.44.47:60488] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.uphillfarmvt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.uphillfarmvt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajI0YLo0fpUK9NOlaD3MWwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 03:34:19
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 23:34:12.021563 2026] [security2:error] [pid 27030:tid 27030] [client 185.104.44.47:22470] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.edgebiopharma.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.edgebiopharma.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajIVtA5Irj6x6q8ZO-uZBgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 15:25:18
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 11:25:12.190858 2026] [security2:error] [pid 22991:tid 22991] [client 185.104.44.47:47706] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.rockinr.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.rockinr.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajFq2HqyWwS2FdXuks52pwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 12:42:58
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 08:42:53.055846 2026] [security2:error] [pid 6467:tid 6467] [client 185.104.44.47:18940] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.paulsingdahlsen.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.paulsingdahlsen.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai6hzYdd4awsjNV4RtLhJgAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 15:41:42
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 11:41:36.466967 2026] [security2:error] [pid 13224:tid 13224] [client 185.104.44.47:36094] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.badgerkelley.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.badgerkelley.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai16MI-KyymeRUjpRYPnZQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 04:38:03
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 00:37:56.088487 2026] [security2:error] [pid 619:tid 647] [client 185.104.44.47:11098] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.giere.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.giere.us"] [uri "/wp-json/wp/v2/users"] [unique_id "aizepPaV8zmBhRseAfVSpgAAAUk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-13 04:22:55
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 00:22:50.184716 2026] [security2:error] [pid 25405:tid 25405] [client 185.104.44.47:18272] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nextstepplus.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nextstepplus.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aizbGjWdzvcb6IKNNhVaNQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 13:51:20
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 09:51:13.385879 2026] [security2:error] [pid 15849:tid 15849] [client 185.104.44.47:14366] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.wholesalelivelobsters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wholesalelivelobsters.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiwO0Q2s_AkgERxvYvEOlwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-12 01:12:05
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 21:11:58.774530 2026] [security2:error] [pid 7559:tid 7559] [client 185.104.44.47:52104] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sizefinder.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sizefinder.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aitc3kCeJ77axUmF1paNtgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-10 18:51:33
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 185.104.44.47 (business-73.default-host.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:51:26.956841 2026] [security2:error] [pid 10166:tid 10166] [client 185.104.44.47:45370] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.blublk.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.blublk.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aimyLquKLLJKMLlice0sTAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack