๐ฉ๐ช
neckaralb-admin.de
2026-07-08 17:26:52
(3 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
london2038.com
2026-07-08 16:36:38
(4 hours ago)
Attacking WordPress
114.34.90.9 - - [08/Jul/2026:18:36:33 +0200] "POST /xmlrpc.php HTTP/2.0" 503 189 ...
show more
Attacking WordPress
114.34.90.9 - - [08/Jul/2026:18:36:33 +0200] "POST /xmlrpc.php HTTP/2.0" 503 18945 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/150.0.0.0 Mobile Safari/537.36"
show less
Brute-Force
Web App Attack
๐บ๐ธ
cwytech
2026-07-08 15:23:16
(5 hours ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 09:15:49
(11 hours ago)
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 05:15:43.006250 2026] [security2:error] [pid 4736:tid 4736] [client 114.34.90.9:58854] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bernsteinip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bernsteinip.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak4VP5MekKC8jXBPmaaEjAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ArturShelby
2026-07-08 08:47:12
(12 hours ago)
Honeypot triggered: /wp-json/wp/v2/users
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 18:11:57
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 14:11:50.838647 2026] [security2:error] [pid 1193:tid 1193] [client 114.34.90.9:46070] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||abilityimprinting.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "abilityimprinting.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak1BZvP4EW8Nf0jwQosM9AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 16:10:50
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 12:10:44.886135 2026] [security2:error] [pid 27804:tid 27804] [client 114.34.90.9:50072] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mail.iconbizpromo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.iconbizpromo.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak0lBH5-UVVGv8vk3veoDgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 15:54:50
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 11:54:43.880005 2026] [security2:error] [pid 14877:tid 14877] [client 114.34.90.9:44824] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||genevaatlantic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "genevaatlantic.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak0hQwf_RxO5gzVMRNyLzwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Hazzard
2026-07-07 15:12:03
(1 day ago)
(wordpress) Failed wordpress login from 114.34.90.9 (TW/Taiwan/New Taipei City/New Taipei City/114-3 ...
show more
(wordpress) Failed wordpress login from 114.34.90.9 (TW/Taiwan/New Taipei City/New Taipei City/114-34-90-9.hinet-ip.hinet.net/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-07 13:14:04
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 09:13:57.191010 2026] [security2:error] [pid 10101:tid 10101] [client 114.34.90.9:58324] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gaeltv.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gaeltv.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akz7laSzK8pp3YajrNgCJQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-07-06 04:08:09
(2 days ago)
Wordpress malicious attack:[octawp]
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-05 12:48:04
(3 days ago)
Wordfence waf block on robdarnell
Web App Attack
Anonymous
2026-07-05 11:52:28
(3 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 11:37:28
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 114.34.90.9 (114-34-90-9.hinet-ip.hinet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 07:37:23.648976 2026] [security2:error] [pid 12924:tid 12924] [client 114.34.90.9:40260] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||frelsburg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "frelsburg.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akpB86WyKUg65q-H8iUTVwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
ptlab
2026-07-05 10:45:15
(3 days ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack