π¬π§
andypiper
2026-07-03 01:02:24
(45 minutes ago)
CrowdSec ban for AbuseIPDB Top List
Brute-Force
Web App Attack
π³π±
i-turnradio.nl
2026-07-03 00:11:36
(1 hour ago)
2026-07-03 @ 02:11:36 (CET) ~ Blocked for trying to access: /wp-json/wp/v2/users/
Web App Attack
π©πͺ
FeG Deutschland
2026-07-03 00:07:15
(1 hour ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27
Exploited Host
Web App Attack
πΊπΈ
ArturShelby
2026-07-03 00:02:55
(1 hour ago)
Honeypot triggered: /wp-json/wp/v2/users/
Web App Attack
πΊπΈ
integrantservices.com
2026-07-02 23:46:38
(2 hours ago)
(wordpress) Failed wordpress login from 13.86.196.192 (US/United States/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-02 23:42:18
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 19:42:14.666261 2026] [security2:error] [pid 28045:tid 28045] [client 13.86.196.192:1552] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glidetrubooks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glidetrubooks.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akb3VoQDk4NqDyQgrUMnLgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
rsiddall
2026-07-02 23:28:54
(2 hours ago)
13.86.196.192 - - [02/Jul/2026:19:19:00 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 ...
show more
13.86.196.192 - - [02/Jul/2026:19:19:00 -0400] "POST /xmlrpc.php HTTP/1.1" 403 1809 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:126.0) Gecko/20100101 Firefox/126.0"
13.86.196.192 - - [02/Jul/2026:19:28:53 -0400] "POST /xmlrpc.php HTTP/1.1" 301 239 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
...
show less
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-02 23:17:42
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 19:17:37.871852 2026] [security2:error] [pid 16958:tid 16958] [client 13.86.196.192:2657] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||proprocessor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "proprocessor.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbxkTzv6ofyjFwPmIyCdQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
kosada.com
2026-07-02 22:41:53
(3 hours ago)
Web vulnerability probing: /wp-json/wp/v2/users/
Web App Attack
π¨π¦
Dunham Support
2026-07-02 22:41:39
(3 hours ago)
(wordpress) Failed wordpress login from 13.86.196.192 (US/United States/-)
Brute-Force
π©πͺ
london2038.com
2026-07-02 22:40:22
(3 hours ago)
Attacking WordPress
13.86.196.192 - - [03/Jul/2026:00:40:15 +0200] "POST /xmlrpc.php HTTP/1.1" 503 1 ...
show more
Attacking WordPress
13.86.196.192 - - [03/Jul/2026:00:40:15 +0200] "POST /xmlrpc.php HTTP/1.1" 503 18965 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Brave/125"
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 22:40:14
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 18:40:07.329134 2026] [security2:error] [pid 11720:tid 11720] [client 13.86.196.192:1099] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lozzy.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lozzy.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbox9eq_BNOR7-W66IiywAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 22:23:06
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 18:22:59.731546 2026] [security2:error] [pid 1472:tid 1472] [client 13.86.196.192:1291] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tortoisehosting.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tortoisehosting.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbkw_UNUJ1m_m4vtM_tCAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²πΉ
Malta
2026-07-02 22:06:03
(3 hours ago)
13.86.196.192 - - [03/Jul/2026:00:06:03 +0200] "GET /wp-json/wp/v2/users/ HTTP/1.1" "Mozilla/5.0 (Wi ...
show more
13.86.196.192 - - [03/Jul/2026:00:06:03 +0200] "GET /wp-json/wp/v2/users/ HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:124.0) Gecko/20100101 Firefox/124.0"
show less
Hacking
Web App Attack
VPN IP
πΊπΈ
TPI-Abuse
2026-07-02 21:58:59
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 13.86.196.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 17:58:54.522133 2026] [security2:error] [pid 1562:tid 1562] [client 13.86.196.192:2502] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||shorelineshowerdoor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "shorelineshowerdoor.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akbfHv-dEYiNcWW1FqXtgwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack