|
๐ณ๐ฑ
Site.eu
|
|
Excessive 404/403 errors
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 23:36:19.828893 2026] [security2:error] [pid 29483:tid 29483] [client 5.9.161.137:33694] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nomorenicenice.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nomorenicenice.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajits7Z230tK7ZMEcLR3pwAAABE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 21:37:45.442444 2026] [security2:error] [pid 16697:tid 16697] [client 5.9.161.137:51218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.jesussotoca.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.jesussotoca.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajiR6eIL-zzoe3J5-6aivQAAABw"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 19:01:39.933021 2026] [security2:error] [pid 14534:tid 14534] [client 5.9.161.137:39408] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.lambert-heating-and-air.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.lambert-heating-and-air.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajhtU4_qHwimZHp_CIBzsAAAAAM"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 17:21:08.888397 2026] [security2:error] [pid 24130:tid 24130] [client 5.9.161.137:34884] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.goodfrequencies.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.goodfrequencies.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajhVxLbBVKjuvSurZq8yswAAAA4"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 21:43:55.822634 2026] [security2:error] [pid 31241:tid 31241] [client 5.9.161.137:47298] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fundaciondamashcc.org.ec|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fundaciondamashcc.org.ec"] [uri "/wp-json/wp/v2/users"] [unique_id "ajdB2435MYASI0SkFC2PgwAAAAI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 12:26:36.662279 2026] [security2:error] [pid 29728:tid 29728] [client 5.9.161.137:41320] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.stop902.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.stop902.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aja_PDeJVHh6pwAnVZKXpgAAAAU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 16:08:15.870101 2026] [security2:error] [pid 22419:tid 22419] [client 5.9.161.137:36864] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.mosheimlib.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mosheimlib.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajL-r4qzMKHok-UKcmIjPgAAABY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 02:37:47.188052 2026] [security2:error] [pid 30859:tid 30859] [client 5.9.161.137:43012] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.assheton.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.assheton.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahaRO7E9bVb7eLYX2t0nmwAAAA0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Failed login attempt detected by Fail2Ban in plesk-postfix jail
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 21:28:19.122785 2026] [security2:error] [pid 23023:tid 23023] [client 5.9.161.137:48756] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.infinityartistsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.infinityartistsgroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahZIs8YKHaaFdx89gHOviAAAAAo"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐จ๐ฟ
ptlab
|
|
Detected wp_login attack from WP-host.
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
cwytech
|
|
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-login-lockdown-high.
|
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 11:42:15.595127 2026] [security2:error] [pid 19153:tid 19153] [client 5.9.161.137:50034] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.anamericanabroad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.anamericanabroad.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahRt17OI6w2Qdsf0UeO64wAAAA8"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 5.9.161.137 (lnx5.cloudministerhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 00:36:07.757857 2026] [security2:error] [pid 28230:tid 28230] [client 5.9.161.137:56168] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.blacksheepoffroad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.blacksheepoffroad.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag_dN41VCxkDIlivGLIm_wAAACQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|