๐จ๐ฆ
SoteriaCovenant
2026-07-05 12:25:45
(1 day ago)
Automated probe: /wp-json/wp/v2/users/1 on Soteria Global infrastructure. No vulnerable software pre ...
show more
Automated probe: /wp-json/wp/v2/users/1 on Soteria Global infrastructure. No vulnerable software present.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 07:48:21
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:48:13.519710 2026] [security2:error] [pid 22146:tid 22146] [client 20.84.23.209:6472] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lovebuilds.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lovebuilds.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aki6vTGSVL_JUwY94N15WwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
SoteriaCovenant
2026-07-04 07:39:27
(2 days ago)
Automated probe: /wp-json/wp/v2/users/1 on Soteria Global infrastructure. No vulnerable software pre ...
show more
Automated probe: /wp-json/wp/v2/users/1 on Soteria Global infrastructure. No vulnerable software present.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 22:21:28
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:21:25.602833 2026] [security2:error] [pid 27537:tid 27537] [client 20.84.23.209:6513] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||waterspell.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "waterspell.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akg15YJZnoan0mCwIzdh3gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
nate naten
2026-07-03 18:03:56
(3 days ago)
HoneyTrap: xmlrpc attempt on /xmlrpc.php from United States
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 13:47:57
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 09:47:53.291122 2026] [security2:error] [pid 11315:tid 11315] [client 20.84.23.209:6521] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||uphillfarmvt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "uphillfarmvt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ake9ibWWY6G3Xb4hP3jCSgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:26:31
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:26:25.935386 2026] [security2:error] [pid 7776:tid 7776] [client 20.84.23.209:6469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||professionalpianomoversinc.com.anthonyanimalclinic.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "professionalpianomoversinc.com.anthonyanimalclinic.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akecYTsj71nVKA_oZATBUwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-03 10:26:03
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 05:28:52
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 01:28:46.731882 2026] [security2:error] [pid 23326:tid 23326] [client 20.84.23.209:6523] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.avaliantlife.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.avaliantlife.com"] [uri "/wp-json/wp/v2/users/10"] [unique_id "akdIjli0iRZP3nVxkNyFnQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 00:23:13
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 20:23:08.344695 2026] [security2:error] [pid 29028:tid 29028] [client 20.84.23.209:6486] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||adonamusic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "adonamusic.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRd7K6eNo1gqGNt0lHZ4QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
ptlab
2026-06-30 14:45:04
(6 days ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐ซ๐ท
masterguru
2026-06-30 13:36:33
(6 days ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 20.84.23.209 (US/United States/-): 1 in the l ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 20.84.23.209 (US/United States/-): 1 in the last 3600 secs (0-196)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-29 11:44:08
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:44:02.920290 2026] [security2:error] [pid 5596:tid 5596] [client 20.84.23.209:6473] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wealthsec.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wealthsec.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akJagozdYgqac6PhdWIhCwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 23:37:49
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 19:37:42.543397 2026] [security2:error] [pid 13611:tid 13611] [client 20.84.23.209:7752] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||qatest.soudertonbigred.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "qatest.soudertonbigred.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akGwRorOFZTkP07nV9stDgAAAJQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 21:00:33
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.84.23.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:00:28.676499 2026] [security2:error] [pid 32653:tid 32653] [client 20.84.23.209:7787] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||greenmountainfeeds.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "greenmountainfeeds.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akGLbEMO0wzfoM0qrAa7zgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack