๐บ๐ธ
TPI-Abuse
2026-07-06 17:06:06
(6 hours ago)
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.ne ...
show more
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 13:05:53.133972 2026] [security2:error] [pid 22077:tid 22077] [client 210.245.90.231:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.southernbroadcast.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.southernbroadcast.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akvgcau1Kc2lG60OIsUJKgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-04 23:02:13
(2 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 01:13:56
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.ne ...
show more
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 21:13:44.723717 2026] [security2:error] [pid 25074:tid 25074] [client 210.245.90.231:38838] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||portlunchgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "portlunchgroup.com"] [uri "/wp-json/wp/v2/users/3"] [unique_id "akheSFP3g5JRmZ9m75vhIwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:31:57
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.ne ...
show more
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:31:48.513438 2026] [security2:error] [pid 9472:tid 9472] [client 210.245.90.231:39466] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||healthmarkcounseling.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "healthmarkcounseling.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akgAFPc0i5PRxxJPm9EjhQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 13:01:50
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.ne ...
show more
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 09:01:41.671267 2026] [security2:error] [pid 16214:tid 16214] [client 210.245.90.231:52890] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||heatherweathers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "heatherweathers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akeytWhyGRYAnKuhqgpR1wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-03 12:46:16
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 10:43:13
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.ne ...
show more
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 06:43:06.459974 2026] [security2:error] [pid 14964:tid 15091] [client 210.245.90.231:58078] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||104ventures.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "104ventures.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akeSOmUruELz38YDgv4K7QAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 07:24:33
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.ne ...
show more
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:24:24.290003 2026] [security2:error] [pid 15973:tid 15973] [client 210.245.90.231:58934] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ohwaitiforgot.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ohwaitiforgot.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akdjqBKmEvDvBT54ZL0w3wAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
solution.it
2026-07-03 00:48:38
(3 days ago)
[Fri Jul 03 02:48:37.384475 2026] [php7:error] [pid 543377:tid 543377] [client 210.245.90.231:40620] ...
show more
[Fri Jul 03 02:48:37.384475 2026] [php7:error] [pid 543377:tid 543377] [client 210.245.90.231:40620] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat
show less
Web App Attack
๐ฎ๐ฉ
origrata
2026-07-02 19:14:15
(4 days ago)
[OGWAF] brute_force attack blocked | severity: high | POST /wp-login.php | UA: Mozilla/5.0 (Macintos ...
show more
[OGWAF] brute_force attack blocked | severity: high | POST /wp-login.php | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.
show less
Brute-Force
Hacking
๐บ๐ธ
mnsf
2026-07-02 09:07:11
(4 days ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 22:43:56
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.ne ...
show more
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:43:51.839976 2026] [security2:error] [pid 1825:tid 1825] [client 210.245.90.231:36102] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||williamfitzsimmons.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "williamfitzsimmons.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akWYJ_pBa4pPcOadRISUIQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 05:41:50
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.ne ...
show more
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 01:41:41.807540 2026] [security2:error] [pid 26748:tid 26748] [client 210.245.90.231:60058] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||baselinesc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "baselinesc.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akSolbmn5QSAowQZ8sx4ewAAADg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐น
Malta
2026-07-01 01:46:38
(5 days ago)
210.245.90.231 - - [01/Jul/2026:03:46:38 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ...
show more
210.245.90.231 - - [01/Jul/2026:03:46:38 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 01:00:24
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.ne ...
show more
(mod_security) mod_security (id:225170) triggered by 210.245.90.231 (210-245-90-231.shared.hostvn.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 21:00:16.455357 2026] [security2:error] [pid 21638:tid 21659] [client 210.245.90.231:48884] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eliteproductions.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eliteproductions.tv"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akRmoEw7X34XTOKxFNKfeQAAANI"]
show less
Brute-Force
Bad Web Bot
Web App Attack