๐บ๐ธ
TPI-Abuse
2026-06-02 06:24:57
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ...
show more
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 02:24:51.166315 2026] [security2:error] [pid 32363:tid 32363] [client 2a02:c207:2068:3167::1:56416] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.n4fh.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.n4fh.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah53M5JXmutpu_HEY9SfZQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 00:49:08
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ...
show more
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 20:49:06.009123 2026] [security2:error] [pid 18588:tid 18588] [client 2a02:c207:2068:3167::1:33936] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.innovacionesnimba.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.innovacionesnimba.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah4oglXNydDk5NSidEysmwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-01 17:02:29
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ...
show more
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 13:02:22.291683 2026] [security2:error] [pid 21925:tid 21946] [client 2a02:c207:2068:3167::1:48832] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.chelseyrae.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.chelseyrae.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah27Hid0vbEjaLV_yvHr8gAAAVM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-01 03:48:40
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ...
show more
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 23:48:36.023416 2026] [security2:error] [pid 12173:tid 12173] [client 2a02:c207:2068:3167::1:54780] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.constructionloansfunding.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.constructionloansfunding.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah0BFMetmLtpObOU2LVMHgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 20:53:59
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ...
show more
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 16:53:52.571115 2026] [security2:error] [pid 6358:tid 6358] [client 2a02:c207:2068:3167::1:44218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.losbarbarosdelnorte.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.losbarbarosdelnorte.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahyf4CEDGRjgGR28EXJWuAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 14:02:39
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ...
show more
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 10:02:32.773752 2026] [security2:error] [pid 13494:tid 13494] [client 2a02:c207:2068:3167::1:37016] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.infinityartistsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.infinityartistsgroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahw_eEXWhxI3HipfdY3VvAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 08:08:53
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver ...
show more
(mod_security) mod_security (id:225170) triggered by 2a02:c207:2068:3167::1 (vmi683167.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 04:08:48.777294 2026] [security2:error] [pid 22214:tid 22214] [client 2a02:c207:2068:3167::1:37238] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.wpcoc.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.wpcoc.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ahvskOJwMSqeKYytRZ8D3QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
stinpriza
2026-03-07 11:16:24
(3 months ago)
Web App Attack
Web App Attack
๐จ๐ญ
YF
2026-03-06 19:05:03
(3 months ago)
Unauthorized WordPress access attempt
Brute-Force
Web App Attack
๐บ๐ธ
Penny Packer
2026-03-06 14:55:50
(3 months ago)
Fail2Ban apache-tripwires
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-03-05 16:16:19
(3 months ago)
Try to access /xmlrpc.php
Web App Attack
๐บ๐ธ
ipblock.com
2025-12-09 19:12:00
(6 months ago)
IPBlock protected site ID [4730-fr].
Major crawler impostor.
Mozilla/5.0 (compatible; Googlebot/2. ...
show more
IPBlock protected site ID [4730-fr].
Major crawler impostor.
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
show less
Bad Web Bot
๐ฉ๐ช
stinpriza
2025-10-17 18:04:44
(8 months ago)
Web App Attack
Web App Attack
๐บ๐ธ
myagent.site
2025-10-06 03:29:56
(8 months ago)
Blocking for trying to access an exploit file: /xmlrpc.php
Hacking
๐ฉ๐ช
SpaceHost-Server
2025-07-29 22:29:50
(10 months ago)
Brute-Force
Web App Attack