πΊπΈ
TPI-Abuse
2026-07-13 11:49:49
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 195.191.25.51 (skm352.hostsila.org): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 195.191.25.51 (skm352.hostsila.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:49:44.503428 2026] [security2:error] [pid 1592:tid 1592] [client 195.191.25.51:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ipv6.local639.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ipv6.local639.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alTQ2NqT9r1UBn7iN4PJlwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
ambor
2026-07-13 05:10:46
(1 day ago)
L0ss Honeypot: WordPress login access attempt. Path: /wp-login.php
Brute-Force
Web App Attack
π«π·
tecnicorioja
2026-07-12 22:00:59
(1 day ago)
wp-login attack [12/Jul/2026:19:15:19
Brute-Force
Web App Attack
π«π·
ELYAZ
2026-07-12 19:13:05
(1 day ago)
(y4) Failed scan -byebye- from 195.191.25.51 (UA/Ukraine/skm352.hostsila.org): (CF_ENABLE)
Hacking
π©πͺ
ger-stg-sifi1
2026-07-12 17:07:12
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
lostswordfish.com
2026-07-12 14:14:03
(1 day ago)
Wordfence waf block on registrymatters
Web App Attack
π³π±
ipoac.nl
2026-07-12 08:26:26
(2 days ago)
2026-07-12T10:26:24.714827+02:00 ipoac.nl wordpress(-)-: Authentication failure for-from 195.191.25. ...
show more
2026-07-12T10:26:24.714827+02:00 ipoac.nl wordpress(-)-: Authentication failure for-from 195.191.25.51
show less
Web App Attack
π©πͺ
FeG Deutschland
2026-07-11 08:43:05
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
π«π·
ELYAZ
2026-07-10 21:47:53
(3 days ago)
(y4) Failed scan -byebye- from 195.191.25.51 (UA/Ukraine/skm352.hostsila.org): (CF_ENABLE)
Hacking
π²πΉ
Malta
2026-06-29 18:47:40
(2 weeks ago)
195.191.25.51 - - [29/Jun/2026:20:47:40 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; CrOS ...
show more
195.191.25.51 - - [29/Jun/2026:20:47:40 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
π¨πΏ
ptlab
2026-06-29 18:45:19
(2 weeks ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 17:06:34
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 195.191.25.51 (skm352.hostsila.org): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 195.191.25.51 (skm352.hostsila.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 13:06:29.191196 2026] [security2:error] [pid 6573:tid 6633] [client 195.191.25.51:25560] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||duplexgoldmine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "duplexgoldmine.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akKmFV5pKlAhlB0ZHhy4UAAAAQs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 10:27:50
(2 weeks ago)
2026-06-29T12:27:49.792919+02:00 aion wordpress[2732097]: Blocked user enumeration attempt from 195. ...
show more
2026-06-29T12:27:49.792919+02:00 aion wordpress[2732097]: Blocked user enumeration attempt from 195.191.25.51
...
show less
Hacking
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-29 09:00:07
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 195.191.25.51 (skm352.hostsila.org): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 195.191.25.51 (skm352.hostsila.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:59:58.637037 2026] [security2:error] [pid 17406:tid 17406] [client 195.191.25.51:11246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tarekshohaieb.online|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tarekshohaieb.online"] [uri "/wp-json/wp/v2/users/5"] [unique_id "akI0Dv19Onhix_91voD_7QAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 08:38:37
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 195.191.25.51 (skm352.hostsila.org): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 195.191.25.51 (skm352.hostsila.org): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:38:29.100855 2026] [security2:error] [pid 25620:tid 25620] [client 195.191.25.51:22150] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||freemanfoundationcle.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "freemanfoundationcle.org"] [uri "/wp-json/wp/v2/users/3"] [unique_id "akIvBYe__Th5GK5Yt09LbAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack