๐บ๐ธ
TPI-Abuse
2026-07-04 21:23:22
(58 minutes ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 17:23:17.527865 2026] [security2:error] [pid 30845:tid 30845] [client 20.185.96.226:6606] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||richmondrents.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "richmondrents.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akl5xX-fovorj-d4uuOsbwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 20:47:07
(1 hour ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 16:47:00.791874 2026] [security2:error] [pid 4550:tid 4557] [client 20.185.96.226:6650] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sparkhypnotherapy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sparkhypnotherapy.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aklxRDGlIozRAonsb2N6tAAAAIU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-04 17:10:40
(5 hours ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 16:35:46
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 12:35:41.189307 2026] [security2:error] [pid 6406:tid 6406] [client 20.185.96.226:6598] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||elgatocapa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "elgatocapa.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akk2XWcFOKOzXRLTUGxAvAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
SoteriaCovenant
2026-07-04 07:34:27
(14 hours ago)
Automated probe: /wp-json/wp/v2/users on Soteria Global infrastructure. No vulnerable software prese ...
show more
Automated probe: /wp-json/wp/v2/users on Soteria Global infrastructure. No vulnerable software present.
show less
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-07-04 04:20:13
(18 hours ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 02:09:27
(20 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 22:09:21.031970 2026] [security2:error] [pid 12482:tid 12482] [client 20.185.96.226:6596] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||restest.rayeliotschwartz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "restest.rayeliotschwartz.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akhrUQgPfcXRj3MFrlBgwQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 00:33:09
(21 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:33:02.347954 2026] [security2:error] [pid 17363:tid 17363] [client 20.185.96.226:6606] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||36sovereignchambers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "36sovereignchambers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akhUvt1XT472zeb9aV7qCQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:43:47
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:43:39.809413 2026] [security2:error] [pid 25912:tid 25912] [client 20.185.96.226:6649] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||qatest.soudertonbigred.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "qatest.soudertonbigred.org"] [uri "/wp-json/wp/v2/users/3"] [unique_id "akgQ694lEwFYtK6T0Rw7agAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:33:30
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:33:26.536995 2026] [security2:error] [pid 27454:tid 27454] [client 20.185.96.226:6627] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||oakglenhouse.com.benchmarkbcs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oakglenhouse.com.benchmarkbcs.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akgAdt0WAIcwS9zrKwZVCwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 16:14:27
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 12:14:23.793986 2026] [security2:error] [pid 10869:tid 10869] [client 20.185.96.226:6635] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||integrabroadcast.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "integrabroadcast.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akff3w3R5KK74G2g9S3LOQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-03 12:58:20
(1 day ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:35:41
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:35:37.646757 2026] [security2:error] [pid 24383:tid 24398] [client 20.185.96.226:6609] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||coloradomountain.homes|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coloradomountain.homes"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akeeiXx-y9KuFYyLOiP44gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 10:42:23
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 06:42:15.313203 2026] [security2:error] [pid 31439:tid 31439] [client 20.185.96.226:8075] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pharmaceuticalsalescareerhub.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pharmaceuticalsalescareerhub.com"] [uri "/wp-json/wp/v2/users/7"] [unique_id "akeSB9yUZtEG9_-fK_xKWgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 10:07:34
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 20.185.96.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 06:07:27.619686 2026] [security2:error] [pid 22717:tid 22717] [client 20.185.96.226:6640] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||magnoliahillproductions.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "magnoliahillproductions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akeJ343Y6qz5_7iFkPW3DQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack