π«π·
tecnicorioja
2026-07-06 22:00:26
(4 hours ago)
POST /xmlrpc.php [06/Jul/2026:06:43:52
Brute-Force
Web App Attack
π²πΉ
Malta
2026-07-06 20:32:20
(6 hours ago)
152.53.37.129 - - [06/Jul/2026:22:32:19 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ...
show more
152.53.37.129 - - [06/Jul/2026:22:32:19 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack
π©πͺ
Marc
2026-07-06 13:33:39
(13 hours ago)
152.53.37.129 - - [06/Jul/2026:15:23:13 +0200] "GET /wp-login.php HTTP/2.0" 200 16337 "https://wasch ...
show more
152.53.37.129 - - [06/Jul/2026:15:23:13 +0200] "GET /wp-login.php HTTP/2.0" 200 16337 "https://wasch-arena.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 152.53.37.129 - - [06/Jul/2026:15:23:14 +0200] "GET /wp-login.php HTTP/2.0" 200 16034 "https://wasch-arena.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 152.53.37.129 - - [06/Jul/2026:15:32:53 +0200] "GET /wp-login.php HTTP/2.0" 200 3899 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 152.53.37.129 - - [06/Jul/2026:15:32:54 +0200] "POST /wp-login.php HTTP/2.0" 403 10810 "https://www.saatschule.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 152.53.37.129 - - [06/Jul/2026:15:33:39 +0200] "GET /wp-login.php HTTP/2.0" 200 3926 "https://weiss-bla
show less
Brute-Force
Web App Attack
π©πͺ
georgengelmann
2026-07-04 11:52:32
(2 days ago)
Failed login attempt for superuser
Brute-Force
Web App Attack
π¬π·
setupgr
2026-07-04 10:53:24
(2 days ago)
(wplogin_block) Blocked WP-Login Access Attempt 152.53.37.129 (US/United States/Virginia/Manassas/-/ ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 152.53.37.129 (US/United States/Virginia/Manassas/-/[AS214996 NETCUP]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 152.53.37.129 - - [04/Jul/2026:13:49:12 +0300] "GET /wp-login.php HTTP/2.0" 200 7887 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-07-04 06:35:08
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 152.53.37.129 (srv-us-1.nvme-servers.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 152.53.37.129 (srv-us-1.nvme-servers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 02:35:04.499733 2026] [security2:error] [pid 18149:tid 18149] [client 152.53.37.129:58418] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kerrywood.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kerrywood.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akipmAkejL6JKtcyleV_MAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
ELYAZ
2026-07-02 17:11:15
(4 days ago)
(y4) Failed scan -byebye- from 152.53.37.129 (US/United States/srv-us-1.nvme-servers.com): (CF_ENAB ...
show more
(y4) Failed scan -byebye- from 152.53.37.129 (US/United States/srv-us-1.nvme-servers.com): (CF_ENABLE)
show less
Hacking
π«π·
masterguru
2026-07-02 07:52:42
(4 days ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 152.53.37.129 (US/United States/srv-us-1.nvme ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 152.53.37.129 (US/United States/srv-us-1.nvme-servers.com): 1 in the last 3600 secs (0-195)
show less
Hacking
π©πͺ
Hazzard
2026-07-02 00:39:57
(5 days ago)
(wordpress) Failed wordpress login from 152.53.37.129 (AT/Austria/-/-/srv-us-1.nvme-servers.com/[red ...
show more
(wordpress) Failed wordpress login from 152.53.37.129 (AT/Austria/-/-/srv-us-1.nvme-servers.com/[redacted]): (CF_ENABLE)
show less
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-28 23:24:07
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 152.53.37.129 (srv-us-1.nvme-servers.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 152.53.37.129 (srv-us-1.nvme-servers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 19:24:00.083393 2026] [security2:error] [pid 20530:tid 20562] [client 152.53.37.129:52306] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||supercyprus.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "supercyprus.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akGtEPLizvKzYGs8ilENQAAAAZE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-28 17:13:13
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
π¨πΏ
ptlab
2026-06-27 18:45:04
(1 week ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-19 11:39:31
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 152.53.37.129 (srv-us-1.nvme-servers.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 152.53.37.129 (srv-us-1.nvme-servers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 07:39:25.263618 2026] [security2:error] [pid 16434:tid 16508] [client 152.53.37.129:52440] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jpdesign.us.jean-paullederer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jpdesign.us.jean-paullederer.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajUqbTeo5KRg8xJveItXtwAAAYw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-08 10:11:36
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 152.53.37.129 (srv-us-1.nvme-servers.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 152.53.37.129 (srv-us-1.nvme-servers.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:11:30.484519 2026] [security2:error] [pid 5901:tid 5901] [client 152.53.37.129:58574] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wild-goose.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wild-goose.net"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiaVUrpauC4kma_2QLM1WAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
ELYAZ
2026-06-08 08:11:52
(4 weeks ago)
(wordpress) Failed wordpress login from 152.53.37.129 (AT/Austria/srv-us-1.nvme-servers.com): (CF_E ...
show more
(wordpress) Failed wordpress login from 152.53.37.129 (AT/Austria/srv-us-1.nvme-servers.com): (CF_ENABLE)
show less
Brute-Force