๐ฉ๐ช
danchoivanov
2026-06-30 14:51:59
(3 hours ago)
Automated scanner probing /wp-login.php on simpleitsrq.com. Auto-blocked by honeypot trap.
Web App Attack
Hacking
๐ธ๐ช
SkyDancer
2026-06-29 11:16:06
(1 day ago)
Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by Sk ...
show more
Multiple unauthorized attempts to access using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Vx
show less
Hacking
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-29 11:13:39
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.y ...
show more
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:13:36.551311 2026] [security2:error] [pid 5824:tid 5906] [client 116.202.32.153:61658] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||colinarchibald.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "colinarchibald.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akJTYCu__90s-6qIF4ZNnwAAAQs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
Origon
2026-06-28 11:29:17
(2 days ago)
recidive - IP: 116.202.32.153 - 2026-06-28 07:59:10,900 fail2ban.actions [1068196]: NOTICE [plesk-w ...
show more
recidive - IP: 116.202.32.153 - 2026-06-28 07:59:10,900 fail2ban.actions [1068196]: NOTICE [plesk-wordpress] Ban 116.202.32.153 2026-06-28 09:31:07,169 fail2ban.actions [1068196]: NOTICE [plesk-wordpress] Ban 116.202.32.153 2026-06-28 13:29:17,520 fail2ban.actions [1068196]: NOTICE [plesk-wordpress] Ban 116.202.32.153
show less
Web App Attack
Anonymous
2026-06-28 06:52:32
(2 days ago)
[osotir.org] httpd-login-post: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.log; sam ...
show more
[osotir.org] httpd-login-post: sites=agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.log; samples=/wp-json/wp/v2/users?page=1&per_page=100 | /wp-login.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 05:35:52
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.y ...
show more
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 01:35:43.167055 2026] [security2:error] [pid 14908:tid 14908] [client 116.202.32.153:63534] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||frogdesignmexico.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "frogdesignmexico.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akCyr7eDAZNTV2GtOqQV3QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
Saec
2026-06-27 22:15:09
(2 days ago)
Jarvis auto-ban: CF honeypot path /wp-login.php (1ร on saec.ovh)
Port Scan
Web App Attack
๐ฎ๐น
VHosting
2026-06-27 21:35:08
(2 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 20:36:27
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.y ...
show more
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:36:20.787901 2026] [security2:error] [pid 24748:tid 24748] [client 116.202.32.153:63262] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||armrms.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "armrms.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akA0RBaIfN6I-ffILH3u-wAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
ofm-abuse
2026-06-27 20:17:07
(2 days ago)
Brute-force
...
Brute-Force
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-27 20:03:18
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.y ...
show more
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 16:03:14.557637 2026] [security2:error] [pid 21904:tid 21904] [client 116.202.32.153:55939] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lopansri.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lopansri.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akAsgjbo2s2-SkdVljB99wAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 19:56:33
(2 days ago)
116.202.32.153 - - [27/Jun/2026:21:56:28 +0200] "POST /wp-login.php HTTP/1.1" 404 27 "https://gl-amf ...
show more
116.202.32.153 - - [27/Jun/2026:21:56:28 +0200] "POST /wp-login.php HTTP/1.1" 404 27 "https://gl-amf.fr/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 19:46:49
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.y ...
show more
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:46:42.972163 2026] [security2:error] [pid 10111:tid 10147] [client 116.202.32.153:57178] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||simulador.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "simulador.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akAoovzSMqXmYxc31wfiEwAAAJE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 18:54:41
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.y ...
show more
(mod_security) mod_security (id:225170) triggered by 116.202.32.153 (static.153.32.202.116.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 14:54:34.783225 2026] [security2:error] [pid 9822:tid 9822] [client 116.202.32.153:55517] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ssion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ssion.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akAcapBjk3dq-aT7a_4K9wAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FutureFm
2026-06-05 04:25:00
(3 weeks ago)
Scanner
Port Scan
Brute-Force
Hacking