๐บ๐ธ
TPI-Abuse
2026-07-04 02:39:14
(21 hours ago)
(mod_security) mod_security (id:225170) triggered by 198.105.113.10 (s106.srvx.ws): 1 in the last 30 ...
show more
(mod_security) mod_security (id:225170) triggered by 198.105.113.10 (s106.srvx.ws): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 22:39:07.582735 2026] [security2:error] [pid 25158:tid 25158] [client 198.105.113.10:45972] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||d365geek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "d365geek.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akhyS7MBHDztNHQ7nP_digAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-07-04 00:48:35
(23 hours ago)
[SatJul0402:48:30.8628392026][security2:error][pid825944:tid826065][client198.105.113.10:0]ModSecuri ...
show more
[SatJul0402:48:30.8628392026][security2:error][pid825944:tid826065][client198.105.113.10:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"ci-ticino.ch\"][uri\"/wp/xmlrpc.php\"][unique_id\"akhYXsnmU-NghsZxA-kYcwAAANU\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-03 14:05:14
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ซ๐ท
masterguru
2026-07-02 07:58:49
(2 days ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 198.105.113.10 (IN/India/s106.srvx.ws): 1 in ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 198.105.113.10 (IN/India/s106.srvx.ws): 1 in the last 3600 secs (0-195)
show less
Hacking
๐จ๐ฟ
ptlab
2026-06-30 16:45:23
(4 days ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 12:28:15
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 198.105.113.10 (s106.srvx.ws): 1 in the last 30 ...
show more
(mod_security) mod_security (id:225170) triggered by 198.105.113.10 (s106.srvx.ws): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:28:08.930038 2026] [security2:error] [pid 3856:tid 3856] [client 198.105.113.10:41370] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||brbvip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brbvip.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akO2WBorz5OmYg5DReyMfgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
tilellit.pro
2026-06-30 10:08:31
(4 days ago)
Fail2Ban banned 198.105.113.10 for security violations in jail wp-armour. Log: 2026/06/30 10:08:30 [ ...
show more
Fail2Ban banned 198.105.113.10 for security violations in jail wp-armour. Log: 2026/06/30 10:08:30 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 198.105.113.10 | Target: wplogin" , client: 198.105.113.10, server: [REDACTED], request: "POST /wp-login.php HTTP/2.0", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐ฉ๐ช
FeG Deutschland
2026-06-30 02:28:44
(4 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 06:24:18
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 198.105.113.10 (s106.srvx.ws): 1 in the last 30 ...
show more
(mod_security) mod_security (id:225170) triggered by 198.105.113.10 (s106.srvx.ws): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:24:13.769671 2026] [security2:error] [pid 30621:tid 30621] [client 198.105.113.10:42008] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ardeeapps.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ardeeapps.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akIPjWhBeUTsOBFIMvdzGwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack