๐บ๐ธ
TPI-Abuse
2026-07-04 01:08:10
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 21:08:05.521611 2026] [security2:error] [pid 16784:tid 16784] [client 41.185.8.187:55634] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bickleton.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bickleton.org"] [uri "/wp-json/wp/v2/users/2"] [unique_id "akhc9Tcwimb-GmkhjSPEIAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 22:06:12
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:06:05.379152 2026] [security2:error] [pid 16021:tid 16021] [client 41.185.8.187:58258] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eatcakecup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eatcakecup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akgyTRYXxUeGqVpzXsfypQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 20:07:08
(7 hours ago)
Automated web scanner. Requested suspicious paths: /wordpress/xmlrpc.php. UTC: 2026-07-03 19:32:45.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:05:26
(7 hours ago)
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:05:19.951874 2026] [security2:error] [pid 20700:tid 20700] [client 41.185.8.187:43428] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lenorasflowers.lahamradio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lenorasflowers.lahamradio.com"] [uri "/wp-json/wp/v2/users/9"] [unique_id "akgV_0m-EYLV9ZEhaIAtaAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:07:22
(8 hours ago)
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:07:14.382318 2026] [security2:error] [pid 6729:tid 6729] [client 41.185.8.187:33270] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||boardinjapan.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "boardinjapan.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "akgIYpV7izbfAWpP9GAckwAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 17:09:12
(10 hours ago)
2026-07-03T19:09:10.897628+02:00 aion wordpress[21728]: Blocked user enumeration attempt from 41.185 ...
show more
2026-07-03T19:09:10.897628+02:00 aion wordpress[21728]: Blocked user enumeration attempt from 41.185.8.187
...
show less
Hacking
Brute-Force
๐ฉ๐ฐ
ScamAware
2026-07-03 09:28:44
(17 hours ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPr ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPress user enumeration). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:50:56
(18 hours ago)
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:50:51.495103 2026] [security2:error] [pid 2010:tid 2010] [client 41.185.8.187:56046] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dalessalesandservice.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dalessalesandservice.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akd36-iIXVMSTYEGw97N-AAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-03 05:18:15
(22 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-02 20:30:06
(1 day ago)
Wordfence waf block on wvrsol
Web App Attack
๐ฒ๐น
Malta
2026-07-02 20:17:49
(1 day ago)
41.185.8.187 - - [02/Jul/2026:22:17:48 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubunt ...
show more
41.185.8.187 - - [02/Jul/2026:22:17:48 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐ซ๐ท
ELYAZ
2026-06-29 17:49:38
(4 days ago)
(y4) Failed scan -byebye- from 41.185.8.187 (-): (CF_ENABLE)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-29 11:44:15
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:44:08.798051 2026] [security2:error] [pid 5098:tid 5098] [client 41.185.8.187:46112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jillbauman.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jillbauman.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akJaiHGZ9VBAa9CNl3yG5AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 10:12:54
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:12:47.564017 2026] [security2:error] [pid 14348:tid 14348] [client 41.185.8.187:57276] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ussthresher.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ussthresher.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akJFH41ifxS58q86kF--MQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 08:59:32
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 41.185.8.187 (srv115.hostserv.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:59:23.677009 2026] [security2:error] [pid 30503:tid 30524] [client 41.185.8.187:35342] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.minutosrobados.com.emehache.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.minutosrobados.com.emehache.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akIz62fUGkAiZ4aE_RnbzAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack