π«π·
tecnicorioja
2026-06-10 22:00:50
(1 week ago)
wp-login attack [10/Jun/2026:12:25:45
Brute-Force
Web App Attack
π¬π§
SCLwebadministrator
2026-06-10 07:36:00
(1 week ago)
Bruteforce WordPress logins detected with Loginizer
Brute-Force
Web App Attack
Hacking
πΊπΈ
TPI-Abuse
2026-06-10 07:00:38
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 03:00:33.707485 2026] [security2:error] [pid 26408:tid 26408] [client 194.164.26.127:48988] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||karishma.byles.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "karishma.byles.net"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aikLkbd4FEnGCnu3x3t70gAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
LRob.fr
2026-06-10 06:00:07
(1 week ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-10 05:42:53
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 01:42:45.300951 2026] [security2:error] [pid 29035:tid 29035] [client 194.164.26.127:46766] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dwightbrown.com.casagrotto.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dwightbrown.com.casagrotto.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aij5VVs_X4Ex5C4cl1gUtgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²π½
octageeks.com
2026-06-10 04:52:48
(1 week ago)
Wordpress malicious attack:[octaflood]
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-10 04:42:59
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 00:42:54.541336 2026] [security2:error] [pid 3543:tid 3543] [client 194.164.26.127:56622] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bzbdesigns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bzbdesigns.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aijrTkjMlw26ooAoxxNDZgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 23:47:15
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 19:47:08.563455 2026] [security2:error] [pid 21744:tid 21752] [client 194.164.26.127:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.mindgardens.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mindgardens.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiil_PBaer9gjU--JnyXkwAAAEU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 23:26:40
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 19:26:34.702858 2026] [security2:error] [pid 21987:tid 21987] [client 194.164.26.127:42064] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||peacecampus.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "peacecampus.org"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiihKi2GCpUX6F46kY1YqQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
tecnicorioja
2026-06-09 22:00:17
(1 week ago)
POST /xmlrpc.php [09/Jun/2026:15:22:10
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 19:45:26
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 15:45:19.448894 2026] [security2:error] [pid 17893:tid 17893] [client 194.164.26.127:44324] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||theaccents.mainstreetofficesuites.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theaccents.mainstreetofficesuites.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aihtT1mByU_ZtZJKCiIn9AAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 18:01:15
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 14:01:12.090914 2026] [security2:error] [pid 29928:tid 29928] [client 194.164.26.127:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ipv6.local639.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ipv6.local639.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aihU6BI5jCi8A3VbRAR6PwAAAC4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2026-06-09 17:36:01
(1 week ago)
194.164.26.127 - - [10/Jun/2026:01:36:00 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 ...
show more
194.164.26.127 - - [10/Jun/2026:01:36:00 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15"
...
show less
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-09 17:34:09
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 194.164.26.127 (ip194-164-26-127.pbiaas.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 13:34:04.647027 2026] [security2:error] [pid 12613:tid 12639] [client 194.164.26.127:44568] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||emehache.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "emehache.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aihOjFwoS3Y6Bwjr2KqOAQAAAJg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
freeutka
2026-06-09 16:51:48
(1 week ago)
WordPress brute-force login attempt on wp-login.php.
Brute-Force
Web App Attack