๐ฒ๐ฝ
octageeks.com
2026-07-02 04:07:52
(32 minutes ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ฉ๐ช
nyt
2026-07-01 08:50:16
(19 hours ago)
Repeated WordPress login POSTs blocked by WAF (3 in 6h)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 08:37:49
(20 hours ago)
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:37:41.271753 2026] [security2:error] [pid 16847:tid 16847] [client 139.5.6.52:49914] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.museum.henning.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.museum.henning.org"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTR1dRRrc9xAKlsLDKwaQAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 08:22:33
(20 hours ago)
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:22:27.020487 2026] [security2:error] [pid 30853:tid 30853] [client 139.5.6.52:33442] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kporterdesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kporterdesign.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTOQxwX4LKHjbDu3P5wGAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:44:45
(20 hours ago)
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:44:39.099659 2026] [security2:error] [pid 15440:tid 15440] [client 139.5.6.52:58624] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||femmefire.vanemby.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "femmefire.vanemby.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTFZ0Bd5dOyRWx47zLN4AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-01 07:33:02
(21 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:15:47
(21 hours ago)
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:15:42.067624 2026] [security2:error] [pid 4824:tid 4824] [client 139.5.6.52:49758] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||restest.rayeliotschwartz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "restest.rayeliotschwartz.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akS-nnH2xtlklFRzuFLHPwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 06:40:52
(21 hours ago)
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 139.5.6.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 02:40:43.734138 2026] [security2:error] [pid 12549:tid 12549] [client 139.5.6.52:41386] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.theaccents.mainstreetofficesuites.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.theaccents.mainstreetofficesuites.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akS2az7ySKmuJgeuY6iQ0wAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Hazzard
2026-07-01 06:38:34
(22 hours ago)
(wordpress) Failed wordpress login from 139.5.6.52 (IN/India/National Capital Territory of Delhi/Del ...
show more
(wordpress) Failed wordpress login from 139.5.6.52 (IN/India/National Capital Territory of Delhi/Delhi/-/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐ซ๐ท
masterguru
2026-07-01 06:31:27
(22 hours ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 139.5.6.52 (-): 1 in the last 3600 secs (0-19 ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 139.5.6.52 (-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ฉ๐ช
FeG Deutschland
2026-07-01 06:26:24
(22 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
Anonymous
2026-07-01 06:24:05
(22 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-01 05:50:06
(22 hours ago)
Wordfence waf block on madesimpleskincare
Web App Attack
๐บ๐ธ
cwytech
2026-07-01 05:48:11
(22 hours ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-login-lockdown-high.
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 05:46:03
(22 hours ago)
Failed Wordpress Logins
Web App Attack