๐ฉ๐ช
FeG Deutschland
2026-07-02 06:11:43
(3 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-01 22:00:41
(11 hours ago)
wp-login attack [01/Jul/2026:06:35:25
Brute-Force
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-01 13:03:03
(20 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-01 02:34:51
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฌ๐ง
poundawebsiteltd
2026-06-30 18:42:10
(1 day ago)
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 144.79.132.192 - - [30/Jun/2026:19:42:05 +0100] ...
show more
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 144.79.132.192 - - [30/Jun/2026:19:42:05 +0100] POST /wp-login.php HTTP/2.0 200 2988 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 16:55:37
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:55:33.459734 2026] [security2:error] [pid 6104:tid 6104] [client 144.79.132.192:41116] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||realdoctorstories.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "realdoctorstories.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akP1BX0x9U4PnoYZ9XEABgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-06-30 09:06:43
(2 days ago)
WordPress login attempt
Brute-Force
๐ฒ๐ฝ
octageeks.com
2026-06-30 04:13:48
(2 days ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 18:03:11
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 14:03:07.837471 2026] [security2:error] [pid 25383:tid 25383] [client 144.79.132.192:58942] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cm-salon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cm-salon.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akKzWx4SDwYhaa8nEC77CAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Hippoline
2026-06-29 16:01:41
(2 days ago)
Jun 29 18:01:40 local wp(senioren.lu)[6542]: Authentication attempt for unknown user administrator f ...
show more
Jun 29 18:01:40 local wp(senioren.lu)[6542]: Authentication attempt for unknown user administrator from 144.79.132.192
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 09:16:30
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:16:26.800427 2026] [security2:error] [pid 24488:tid 24488] [client 144.79.132.192:52236] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gasoilliquidsdaily.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gasoilliquidsdaily.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akI36hEWo3thsyatF95_eQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 03:44:23
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 23:44:16.279641 2026] [security2:error] [pid 10574:tid 10574] [client 144.79.132.192:48912] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||oakvillenaturopathicclinic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oakvillenaturopathicclinic.com"] [uri "/wp-json/wp/v2/users/3"] [unique_id "akHqEFBFa27F0NuHx6sdBwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-29 00:42:44
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 23:44:06
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 19:43:59.605533 2026] [security2:error] [pid 19862:tid 19862] [client 144.79.132.192:55388] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thorndikestudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thorndikestudio.com"] [uri "/wp-json/wp/v2/users/7"] [unique_id "akGxv4nE7gjfWC5CMNDJOAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 22:36:56
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 144.79.132.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 18:36:52.429348 2026] [security2:error] [pid 31072:tid 31072] [client 144.79.132.192:33442] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||servecon.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "servecon.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akGiBNyrWd8gt8rKlkGV4AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack