๐ฉ๐ช
FeG Deutschland
2026-07-14 03:45:02
(16 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-12 23:42:10
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-12 17:09:14
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-12 08:25:23
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-07-12 04:08:41
(2 days ago)
Wordpress malicious attack:[octawp]
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-11 18:50:05
(3 days ago)
Wordfence waf block on registrymatters
Web App Attack
๐บ๐ธ
cwytech
2026-07-11 16:08:02
(3 days ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 15:06:04
(5 days ago)
(mod_security) mod_security (id:210350) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 ...
show more
(mod_security) mod_security (id:210350) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:05:57.825278 2026] [security2:error] [pid 14994:tid 14994] [client 103.159.36.58:46556] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||mundanestudies.org|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mundanestudies.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ak-41egPXG1yYOgAa-mnuQAAAAQ"], referer: https://mundanestudies.org/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 07:27:59
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:27:53.612050 2026] [security2:error] [pid 13854:tid 13854] [client 103.159.36.58:42156] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||primacomm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "aki1-d_YUDTcAZqOWFOvAgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 03:58:20
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 23:58:13.735109 2026] [security2:error] [pid 30551:tid 30566] [client 103.159.36.58:46834] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||captechinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "captechinc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akiE1ZS1GKPcZvkLVIKF0QAAAEw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-04 03:04:41
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 00:42:16
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:42:10.535289 2026] [security2:error] [pid 11818:tid 11818] [client 103.159.36.58:42364] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||morninginc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "morninginc.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akhW4lT56nwwWd5RYKekUAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 12:22:15
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:22:08.996642 2026] [security2:error] [pid 6947:tid 6947] [client 103.159.36.58:41638] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thepercussionworks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thepercussionworks.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akepcHm9-4Rgy6kgBhtHJQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-03 12:12:08
(1 week ago)
Try to access /blog/xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 10:55:37
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 103.159.36.58 (dwhserver11.dhakawebhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 06:55:33.188160 2026] [security2:error] [pid 4093:tid 4093] [client 103.159.36.58:47956] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tedharris.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tedharris.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akeVJUXn_OaNPeEv0ThCJgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack