๐ณ๐ฑ
Mangelot Hosting
2026-07-15 22:05:40
(3 hours ago)
(wp_login_try) srv104 WP Login Attempt 2002:982a:c5f8::982a:c5f8 (US/United States/-): 10 in the las ...
show more
(wp_login_try) srv104 WP Login Attempt 2002:982a:c5f8::982a:c5f8 (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 20:49:09
(4 hours ago)
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 16:49:01.951803 2026] [security2:error] [pid 12133:tid 12133] [client 2002:982a:c5f8::982a:c5f8:58127] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.silalaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.silalaw.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alfyPQem_zoXPRW48uyqxAAAAAE"], referer: https://www.google.com/search?q=wordpress
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 19:31:03
(6 hours ago)
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 15:30:57.683634 2026] [security2:error] [pid 10486:tid 10486] [client 2002:982a:c5f8::982a:c5f8:64701] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.mccompu.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.mccompu.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alff8SvupVEKf9W10NXiLAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 19:06:30
(6 hours ago)
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 15:06:23.834982 2026] [security2:error] [pid 3737:tid 3737] [client 2002:982a:c5f8::982a:c5f8:64832] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||stacyfarm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stacyfarm.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alfaLzEuZLuduwVwzVjb8wAAAAM"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-15 19:05:39
(6 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-15 18:10:49
(7 hours ago)
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 14:10:42.013147 2026] [security2:error] [pid 19351:tid 19351] [client 2002:982a:c5f8::982a:c5f8:57292] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fundingworkingcapital.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fundingworkingcapital.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alfNIomXKtsf3PUno0j6FAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
loadsoporte
2026-07-15 16:56:29
(8 hours ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
๐ฒ๐พ
Rizzy
2026-07-15 12:00:16
(13 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
jcbriar
2026-07-15 02:49:59
(22 hours ago)
Searching for vulnerable scripts
Hacking
Web App Attack
๐จ๐ฆ
KIsmay
2026-07-15 02:37:13
(23 hours ago)
Jul 14 22:36:27 www4 WPAudit[690949]: 152.42.197.248 goldislandforestproducts.ca "Mozilla/5.0 (Macin ...
show more
Jul 14 22:36:27 www4 WPAudit[690949]: 152.42.197.248 goldislandforestproducts.ca "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) Gecko/20100101 Firefox/118.0.2" root:AdolfHitler88.3123 FAIL
Jul 14 22:36:38 www4 WPAudit[690949]: 152.42.197.248 goldislandforestproducts.ca "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36" orangecarphuket.com:Ripi3qj!29V FAIL
Jul 14 22:36:49 www4 WPAudit[690949]: 152.42.197.248 goldislandforestproducts.ca "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/120.0.1" pgslot:9wbpsb12T!K FAIL
Jul 14 22:37:00 www4 WPAudit[690949]: 152.42.197.248 goldislandforestproducts.ca "Mozilla/5.0 (X11; Linux x86_64) Gecko/20100101 Firefox/120.0.1" foryourChristmas:Oriper@Mantap1 FAIL
Jul 14 22:37:12 www4 WPAudit[690949]: 152.42.197.248 goldislandforestproducts.ca "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36" Support:WpcTl20240903
...
show less
Brute-Force
Web App Attack
๐ณ๐ฑ
javierin
2026-07-14 23:01:28
(1 day ago)
152.42.197.248 - javierin.com - - [14/Jul/2026:23:00:24 +0000] "GET /wp-login.php HTTP/1.1" 200 3078 ...
show more
152.42.197.248 - javierin.com - - [14/Jul/2026:23:00:24 +0000] "GET /wp-login.php HTTP/1.1" 200 3078 "-" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0"
152.42.197.248 - javierin.com - - [14/Jul/2026:23:00:55 +0000] "POST /wp-login.php HTTP/1.1" 503 19273 "https://javierin.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0"
152.42.197.248 - javierin.com - - [14/Jul/2026:23:00:59 +0000] "GET /wp-admin/index.php HTTP/1.1" 503 19301 "https://javierin.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:121.0) Gecko/20100101 Firefox/121.0"
152.42.197.248 - javierin.com - - [14/Jul/2026:23:01:04 +0000] "GET /wp-admin/profile.php HTTP/1.1" 503 19273 "https://javierin.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:121.0) Gecko/20100101 Firefox/121.0"
152.42.197.248 - javierin.com - - [14/Jul/2026:23:01:08 +0000] "GET /wp-admin/edit.php HTTP/1.1" 503 19273 "https://javierin
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 21:14:09
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 17:14:02.427697 2026] [security2:error] [pid 10392:tid 10392] [client 2002:982a:c5f8::982a:c5f8:53384] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||godcanuseyou.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "godcanuseyou.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alammsqnlgtGxe92CO88pgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-14 20:03:12
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 18:45:56
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:225170) triggered by 2002:982a:c5f8::982a:c5f8 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 14:45:52.250744 2026] [security2:error] [pid 11837:tid 11837] [client 2002:982a:c5f8::982a:c5f8:55819] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||grabagame.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "grabagame.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alaD4NDN8t9UGLvAQC498QAAAAQ"], referer: https://duckduckgo.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-14 17:54:03
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack