๐บ๐ธ
TPI-Abuse
2026-07-10 23:23:19
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 5.135.42.162 (gwc.cluster114.hosting.ovh.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 5.135.42.162 (gwc.cluster114.hosting.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 19:23:13.932442 2026] [security2:error] [pid 6253:tid 6253] [client 5.135.42.162:42414] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||riser-astrology.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "riser-astrology.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alF-4XNUU45UJVmPFleovgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 20:47:10
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 5.135.42.162 (gwc.cluster114.hosting.ovh.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 5.135.42.162 (gwc.cluster114.hosting.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 16:47:04.254360 2026] [security2:error] [pid 26486:tid 26486] [client 5.135.42.162:50532] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gaeltv.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gaeltv.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alFaSHIngo-04aTWZ8yhIwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 09:54:49
(4 days ago)
5.135.42.162 - - [09/Jul/2026:17:54:48 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 ( ...
show more
5.135.42.162 - - [09/Jul/2026:17:54:48 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_7_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/150.0.7871.34 Mobile/15E148 Safari/604.1"
...
show less
Bad Web Bot
Web App Attack
๐จ๐ฟ
ptlab
2026-07-08 22:45:23
(4 days ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-08 22:18:04
(4 days ago)
Wordfence waf block on wp20190711M4
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-08 00:45:57
(5 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
๐ณ๐ฟ
billyborsht
2026-07-07 16:49:47
(5 days ago)
2026-07-08T04:49:46.895828+12:00 southern wordpress(kate.frykberg.co.nz)[2330900]: Authentication at ...
show more
2026-07-08T04:49:46.895828+12:00 southern wordpress(kate.frykberg.co.nz)[2330900]: Authentication attempt for unknown user jan from 5.135.42.162
...
show less
Hacking
Web App Attack
๐ฒ๐น
Malta
2026-05-19 02:28:14
(1 month ago)
5.135.42.162 - - [19/May/2026:04:28:14 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Fedor ...
show more
5.135.42.162 - - [19/May/2026:04:28:14 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
Anonymous
2025-12-11 04:30:12
(7 months ago)
Failed Wordpress Logins
Web App Attack
๐ฆ๐บ
MAGIC
2025-12-10 00:00:50
(7 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2025-12-09 20:00:20
(7 months ago)
Failed Wordpress Logins
Web App Attack
Anonymous
2025-12-08 12:02:35
(7 months ago)
Failed Wordpress Logins
Web App Attack
๐ซ๐ท
masterguru
2025-12-08 09:29:09
(7 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 5.135.42.162 (DE/Germany/gwc.cluster114.hostin ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 5.135.42.162 (DE/Germany/gwc.cluster114.hosting.ovh.net): 1 in the last 3600 secs (0-196)
show less
Hacking
๐ซ๐ท
dynamix
2025-11-20 03:37:44
(7 months ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
John Chrys.
2025-11-20 02:03:29
(7 months ago)
5.135.42.162 - - [20/Nov/2025:04:02:47 +0200] "POST /xmlrpc.php HTTP/2.0" 403 290 "-" "Mozilla/5.0 ( ...
show more
5.135.42.162 - - [20/Nov/2025:04:02:47 +0200] "POST /xmlrpc.php HTTP/2.0" 403 290 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7"
5.135.42.162 - - [20/Nov/2025:04:03:17 +0200] "POST /xmlrpc.php HTTP/2.0" 403 290 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7"
5.135.42.162 - - [20/Nov/2025:04:03:17 +0200] "POST /xmlrpc.php HTTP/2.0" 403 290 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7"
5.135.42.162 - - [20/Nov/2025:04:03:17 +0200] "POST /xmlrpc.php HTTP/2.0" 403 290 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.4.7 (KHTML, like Gecko) Version/11.0.2 Safari/604.4.7"
5.135.42.162 - - [20/Nov/2025:04:03:18 +0200] "POST /xmlrpc.php HTTP/2.0" 403 290 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/604.4.7 (KHTML, like Gecko) V
...
show less
Brute-Force
Web App Attack