๐บ๐ธ
TPI-Abuse
2026-07-01 21:43:50
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): ...
show more
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:43:37.583352 2026] [security2:error] [pid 27271:tid 27271] [client 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a:60874] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ironsightsarmory.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ironsightsarmory.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akWKCcmatnSz-V334QLRHQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
MatStef132
2026-06-29 23:18:29
(2 days ago)
MatShield L7: blocked on dev.mathost.eu (ua-quarantined)
Bad Web Bot
๐จ๐ฆ
1gz
2026-06-27 22:13:45
(4 days ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (GET m ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /
UA: Mozilla/5.0 (iPhone; CPU iPhone OS 17_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Mobile/15E148 Safari/604.1
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
MatStef132
2026-06-26 11:43:25
(5 days ago)
MatShield L7: blocked on mathost.eu (ua-concentration-req-threshold)
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-25 01:59:14
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): ...
show more
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 21:59:06.822876 2026] [security2:error] [pid 8035:tid 8035] [client 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a:64742] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gcmmortgage.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gcmmortgage.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajyLartm6X8l9dlNE06mQQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 01:28:36
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): ...
show more
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 21:28:31.411278 2026] [security2:error] [pid 21137:tid 21137] [client 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a:49562] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thrudheim.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thrudheim.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajyEP4eHMyPABdX2FMpIqAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 01:10:32
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): ...
show more
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 21:10:24.795155 2026] [security2:error] [pid 2950:tid 2950] [client 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a:55774] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||goomapush.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "goomapush.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajyAACTI-nuEb544KEMpzgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob.fr
2026-06-25 01:00:14
(1 week ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 00:39:36
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): ...
show more
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 20:39:31.737577 2026] [security2:error] [pid 24938:tid 24938] [client 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a:9698] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||qu1ck.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "qu1ck.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajx4w1AeIQQyOL4gm7CTggAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 12:57:19
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): ...
show more
(mod_security) mod_security (id:225170) triggered by 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 08:57:16.051740 2026] [security2:error] [pid 8848:tid 8848] [client 2a0a:4cc0:c1:b656:44b:87ff:fef0:281a:19556] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||orlando-windsor-villa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "orlando-windsor-villa.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvULOzd4g7Iw9iR6S-3kgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack