๐บ๐ธ
TPI-Abuse
2026-07-03 22:50:39
(2 days ago)
(mod_security) mod_security (id:217280) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:217280) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:50:33.790249 2026] [security2:error] [pid 2720:tid 2720] [client 212.87.194.24:43236] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n|\\\\r)+(?:get|post|head|options|connect|put|delete|trace|propfind|propatch|mkcol|copy|move|lock|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack||fxztrader.com|F|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "fxztrader.com"] [uri "/contact/"] [unique_id "akg8uRAEYpHGzXxbYuapkwAAAAA"], referer: https://fxztrader.com/contact/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 02:34:49
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 22:34:44.327709 2026] [security2:error] [pid 22265:tid 22265] [client 212.87.194.24:37222] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||delomel.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "delomel.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "akcfxIoMXLA6MigtOGaT-AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 22:42:49
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 18:42:41.946983 2026] [security2:error] [pid 9065:tid 9065] [client 212.87.194.24:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mindmaterial.io|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mindmaterial.io"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbpYTftX-5KL_PVqwalMQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-02 21:32:03
(3 days ago)
Wordfence waf block on parsol
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 21:31:21
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:31:16.557210 2026] [security2:error] [pid 31399:tid 31399] [client 212.87.194.24:58014] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||britanniapilates.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "britanniapilates.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbYpJmeJTCIMepZlRWP4QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 20:24:34
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 16:24:28.688147 2026] [security2:error] [pid 18623:tid 18623] [client 212.87.194.24:57356] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||franzexpress.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "franzexpress.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbI_McaoZqBuuwubOsJ6gAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
stinpriza
2026-07-02 19:28:16
(3 days ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 19:24:23
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 15:24:16.415578 2026] [security2:error] [pid 7465:tid 7465] [client 212.87.194.24:60686] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||homehealth101.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "homehealth101.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aka64M5-orQvK8zSl5UTSAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-02 11:53:20
(4 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 22:31:37
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 212.87.194.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:31:32.100793 2026] [security2:error] [pid 15976:tid 15976] [client 212.87.194.24:41654] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||therennas.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "therennas.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akWVRBtnMABpGgJTpRY3egAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
filstal.org
2026-07-01 17:38:42
(4 days ago)
Brute-force/Enumeration: Multiple login attempts for non-existent mail accounts (Honeytrap).
Email Spam
Brute-Force
๐บ๐ธ
EvilTurkey
2026-07-01 12:08:55
(5 days ago)
Web app attack against financial institution website.
Web App Attack
Hacking
๐บ๐ธ
oncord
2026-06-30 08:06:23
(6 days ago)
Form spam
Web Spam
๐ซ๐ท
fastwarp
2026-06-29 11:59:27
(1 week ago)
DDoS / HTTP flood to hosting server from nginx access logs
DDoS Attack
๐ฉ๐ช
SCHAPPY
2026-06-28 20:37:01
(1 week ago)
IMAP/POP3 connection attempts using blacklisted username.
DDoS Attack
Email Spam
Hacking