๐บ๐ธ
TPI-Abuse
2026-07-03 21:07:09
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:07:05.292220 2026] [security2:error] [pid 7566:tid 7566] [client 64.31.38.170:42462] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bigholegolf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bigholegolf.com"] [uri "/wp-json/wp/v2/users/9"] [unique_id "akgkeQsLTimEmmWxrABUQQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 20:07:05
(2 days ago)
Automated web scanner. Requested suspicious paths: /wp-json/wp/v2/users. UTC: 2026-07-03 19:24:19.
Web App Attack
๐ฌ๐ง
AvonleaConsulting
2026-07-03 09:19:30
(3 days ago)
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 21:18:44
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:18:38.144809 2026] [security2:error] [pid 19196:tid 19196] [client 64.31.38.170:35326] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||geckoturner.chezlubacov.xyz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "geckoturner.chezlubacov.xyz"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akbVrkU0NWKnOIzCectDOwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 17:29:31
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 13:29:25.563725 2026] [security2:error] [pid 13005:tid 13005] [client 64.31.38.170:40402] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||buenasfrecuencias.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "buenasfrecuencias.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akaf9d6WBtEQM4f7g_yutQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-02 00:32:14
(4 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 18:54:22
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 14:54:19.213541 2026] [security2:error] [pid 18548:tid 18548] [client 64.31.38.170:44474] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||broneksuchanek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "broneksuchanek.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akQQ23CVa8hidoWBwts9IAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 11:17:31
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:17:25.594550 2026] [security2:error] [pid 31317:tid 31317] [client 64.31.38.170:42814] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rogerheath.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rogerheath.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akJURfhjVAqrRe4z1aFZxgAAADU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-28 15:01:54
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ซ๐ท
masterguru
2026-06-28 07:23:03
(1 week ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 64.31.38.170 (US/United States/host.sdserver8 ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 64.31.38.170 (US/United States/host.sdserver8.com): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ฉ๐ช
london2038.com
2026-06-28 05:32:57
(1 week ago)
Attacking WordPress
64.31.38.170 - - [28/Jun/2026:07:32:56 +0200] "POST /wp-login.php HTTP/2.0" 503 ...
show more
Attacking WordPress
64.31.38.170 - - [28/Jun/2026:07:32:56 +0200] "POST /wp-login.php HTTP/2.0" 503 19289 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
show less
Brute-Force
Web App Attack
๐ฉ๐ช
Hazzard
2026-06-27 21:21:40
(1 week ago)
(wordpress) Failed wordpress login from 64.31.38.170 (US/United States/Florida/Miami/host.sdserver8. ...
show more
(wordpress) Failed wordpress login from 64.31.38.170 (US/United States/Florida/Miami/host.sdserver8.com/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
lostswordfish.com
2026-06-26 20:54:04
(1 week ago)
Wordfence waf block on secure uv4sor
Web App Attack
๐บ๐ธ
wordpresshosting.solutions
2026-06-26 17:48:39
(1 week ago)
WordPress login/xmlrpc abuse or user enumeration detected. Evidence: 64.31.38.170 - - [26/Jun/2026:1 ...
show more
WordPress login/xmlrpc abuse or user enumeration detected. Evidence: 64.31.38.170 - - [26/Jun/2026:17:48:38 +0000] "GET /wp-login.php HTTP/1.1" 200 6705 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
64.31.38.170 - - [26/Jun/2026:17:48:38 +0000] "POST /wp-login.php HTTP/1.1" 503 23829 "https://[DOMAIN]/wp-login.php" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 10:17:34
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 64.31.38.170 (host.sdserver8.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 06:17:26.765732 2026] [security2:error] [pid 12552:tid 12552] [client 64.31.38.170:45890] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||randymcelroy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "randymcelroy.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajuutjbWSGY_VTfIrk2LwAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack