๐ณ๐ฑ
enpepet
2026-07-05 23:09:21
(15 hours ago)
GENERAL: parametres: [url:uploadCustomIcon=] UA:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 C ...
show more
GENERAL: parametres: [url:uploadCustomIcon=] UA:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 Chrome/121.0.0.0 Safari/537.36 URL:/index.php?option=com_sppagebuilder&task=asset.uploadCustomIcon
show less
Port Scan
Hacking
Brute-Force
Bad Web Bot
๐ง๐ช
taivas.nl
2026-05-10 04:32:35
(1 month ago)
Many_bad_calls
Web App Attack
๐ง๐ช
taivas.nl
2026-05-09 06:02:11
(1 month ago)
Bad_requests
Bad Web Bot
๐บ๐ธ
kosada.com
2026-05-09 05:53:18
(1 month ago)
Web vulnerability probing: //wordpress/wp-includes/wlwmanifest.xml (bogus vhost/SNI)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-09 05:36:10
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 149.102.233.212 (unn-149-102-233-212.datapacket ...
show more
(mod_security) mod_security (id:225170) triggered by 149.102.233.212 (unn-149-102-233-212.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 01:36:04.645683 2026] [security2:error] [pid 13600:tid 13600] [client 149.102.233.212:56469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cashforjunkcars.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cashforjunkcars.info"] [uri "/wordpress/wp-json/wp/v2/users/"] [unique_id "af7HxCjunaPBmXXPcPdzCwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-05-09 05:33:52
(1 month ago)
Empty UA + error, WP Author Enumeration
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-09 05:19:33
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 149.102.233.212 (unn-149-102-233-212.datapacket ...
show more
(mod_security) mod_security (id:225170) triggered by 149.102.233.212 (unn-149-102-233-212.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 01:19:27.901981 2026] [security2:error] [pid 22188:tid 22188] [client 149.102.233.212:60360] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.cafelimelight.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cafelimelight.info"] [uri "/wp-json/wp/v2/users/"] [unique_id "af7D348gniySnQGmfn56nAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-05-09 04:47:54
(1 month ago)
Web App Attack Exploid from 149.102.233.212
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-01 08:26:43
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 149.102.233.212 (unn-149-102-233-212.datapacket ...
show more
(mod_security) mod_security (id:225170) triggered by 149.102.233.212 (unn-149-102-233-212.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 04:26:38.106332 2026] [security2:error] [pid 23275:tid 23275] [client 149.102.233.212:52017] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nightknightalarms.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nightknightalarms.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "afRjvpPM8_CbyaZazmdPwQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WellSpring
2026-05-01 08:25:57
(2 months ago)
wordpress scan on notgit.org/wp/wp-includes/wlwmanifest.xml โ WellSpr.ing/NetSentinel civic-AI secur ...
show more
wordpress scan on notgit.org/wp/wp-includes/wlwmanifest.xml โ WellSpr.ing/NetSentinel civic-AI security layer
show less
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-04-18 02:33:34
(2 months ago)
221 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
๐ท๐บ
DZBOT
2026-04-18 02:23:02
(2 months ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2026-04-18 02:09:52
(2 months ago)
149.102.233.212 - - [18/Apr/2026:04:09:50 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.0" 404 466 ...
show more
149.102.233.212 - - [18/Apr/2026:04:09:50 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.0" 404 466 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
149.102.233.212 - - [18/Apr/2026:04:09:50 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
149.102.233.212 - - [18/Apr/2026:04:09:52 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.0" 404 466 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
149.102.233.212 - - [18/Apr/2026:04:09:52 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 286 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
149.102.233.212 - - [18/Apr/2026:04:09:52 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.0" 4
...
show less
Brute-Force
Web App Attack
๐ง๐ท
KingHost
2025-11-12 12:45:13
(7 months ago)
Brute-Force
๐ง๐ช
cmbplf
2025-11-04 06:31:58
(8 months ago)
595 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot