|
๐ซ๐ท
mrcrassi
|
|
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (POST meth ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (POST method)
Endpoint: /wp-login.php
UA: Wget/1.21.4
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
|
Bad Web Bot
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 05:38:55.657340 2026] [security2:error] [pid 5011:tid 5011] [client 45.148.234.75:35907] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||armrms.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "armrms.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acJbr30etdShLB0kVvBcEgAAAAM"], referer: https://www.google.com
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 20:37:37.962939 2026] [security2:error] [pid 8189:tid 8203] [client 45.148.234.75:58497] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||varmouries.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "varmouries.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ab850T4vjCv-dI8fZBmYIwAAAMw"], referer: https://www.google.com
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:48:38.941549 2026] [security2:error] [pid 6855:tid 6855] [client 45.148.234.75:12067] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jessemack.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jessemack.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abvilnYQutbAGvr9N0XenQAAAAc"], referer: https://www.google.com
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 11:05:06.403819 2026] [security2:error] [pid 313:tid 313] [client 45.148.234.75:30665] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||techlinks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "techlinks.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aampsmid14pGMOE7i3Qx6gAAABo"], referer: https://www.google.com
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
nationaleventpros.com
|
|
WordPress login attempt
|
Brute-Force
|
|
|
๐บ๐ธ
xmission.com
|
|
45.148.234.75 - - [03/Mar/2026:15:44:44 -0700] "POST /wp-login.php HTTP/1.1" 200 2326 "https://dooce ...
show more
45.148.234.75 - - [03/Mar/2026:15:44:44 -0700] "POST /wp-login.php HTTP/1.1" 200 2326 "https://dooce.com/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
...
show less
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.148.234.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 01 07:14:56.023592 2026] [security2:error] [pid 4889:tid 4889] [client 45.148.234.75:10911] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||huboon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "huboon.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaQtwEhDQtnWp8U8ARGzkAAAAAg"], referer: https://www.google.com
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ท๐บ
OK
|
|
HTTP/HTTPS
|
Hacking
Web App Attack
|
|
|
Anonymous
|
|
Hacking Attempt (Website Honeypot)
|
Hacking
Web App Attack
|
|
|
Anonymous
|
|
Forum/form spam
|
Web Spam
|
|
|
๐ณ๐ฑ
exxos
|
|
Attacks with Bad user agents
|
Hacking
|
|
|
๐ฆ๐บ
MAGIC
|
|
Distributed DDOS attempts for multiple sites
|
DDoS Attack
Bad Web Bot
|
|
|
๐ฆ๐บ
MAGIC
|
|
Distributed DDOS attempts for multiple sites
|
DDoS Attack
Bad Web Bot
|
|
|
๐ฆ๐บ
MAGIC
|
|
Distributed DDOS attempts for multiple sites
|
DDoS Attack
Bad Web Bot
|
|