๐ฉ๐ช
neckaralb-admin.de
2026-06-30 12:11:07
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-06-30 10:18:39
(3 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-29 22:04:35
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ฌ๐ง
ISPLtd
2026-06-29 20:56:23
(3 days ago)
16.63.51.180 - - [29/Jun/2026:17:56:23 -0300] "GET /wp-login.php
16.63.51.180 - - [29/Jun/2026:17:56 ...
show more
16.63.51.180 - - [29/Jun/2026:17:56:23 -0300] "GET /wp-login.php
16.63.51.180 - - [29/Jun/2026:17:56:23 -0300] "POST /wp-login.php
...
show less
Hacking
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-29 20:51:58
(3 days ago)
(y4) Failed scan -byebye- from 16.63.51.180 (CH/Switzerland/ec2-16-63-51-180.eu-central-2.compute.am ...
show more
(y4) Failed scan -byebye- from 16.63.51.180 (CH/Switzerland/ec2-16-63-51-180.eu-central-2.compute.amazonaws.com): (CF_ENABLE)
show less
Hacking
๐ฉ๐ช
Hazzard
2026-06-29 14:11:21
(3 days ago)
(wordpress) Failed wordpress login from 16.63.51.180 (CH/Switzerland/Zurich/Zurich/ec2-16-63-51-180. ...
show more
(wordpress) Failed wordpress login from 16.63.51.180 (CH/Switzerland/Zurich/Zurich/ec2-16-63-51-180.eu-central-2.compute.amazonaws.com/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
xxkodedxx
2026-06-29 08:26:45
(4 days ago)
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10 ...
show more
[Zorvexus edge-defense] Edge-block (probe URI / bad UA / hostile vhost)
Trigger: 1ร edge-block in 10m window.
Origin: CH / AS16509 Amazon.com, Inc.
Active: 08:26:21 UTC
Volume: 1 HTTP req
Probed: /?author=5
Status mix: 444ร1
Vhost fishing: cards.zvxlabs.com
UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 08:20:55
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.com ...
show more
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:20:49.139032 2026] [security2:error] [pid 29344:tid 29419] [client 16.63.51.180:41752] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||daraluz.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "daraluz.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akIq4SlQJOilTixUgMDkNgAAAM0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 07:25:16
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.com ...
show more
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:25:11.795618 2026] [security2:error] [pid 3123:tid 3176] [client 16.63.51.180:36538] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||leadingedgesupply.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "leadingedgesupply.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akId15i93YQeiq3BMmKQRwAAAEg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 04:59:30
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.com ...
show more
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:59:26.161341 2026] [security2:error] [pid 32756:tid 32756] [client 16.63.51.180:51782] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rentbright.hangrypandas.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rentbright.hangrypandas.com"] [uri "/wp-json/wp/v2/users/5"] [unique_id "akH7rmU72JH1KvTfNtv-RAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 04:00:34
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.com ...
show more
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:00:31.099500 2026] [security2:error] [pid 25017:tid 25017] [client 16.63.51.180:60666] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gracebaptisthartsville.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gracebaptisthartsville.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akHt33tF-G61MVFIAwx3uwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 01:29:55
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.com ...
show more
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:29:48.219262 2026] [security2:error] [pid 9005:tid 9005] [client 16.63.51.180:53606] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nomorenicenice.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nomorenicenice.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akHKjKKh34DP1A1UA2RQEwAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 00:55:21
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.com ...
show more
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:55:15.884778 2026] [security2:error] [pid 25779:tid 25779] [client 16.63.51.180:49358] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||solarfarms.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "solarfarms.info"] [uri "/wp-json/wp/v2/users"] [unique_id "akHCc0j9uuOsXP2-8khlpQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 23:07:06
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.com ...
show more
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 19:07:01.413307 2026] [security2:error] [pid 17511:tid 17511] [client 16.63.51.180:49528] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||difusionens.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "difusionens.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akGpFR2GX8FQIFDEBRwudgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 19:20:48
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.com ...
show more
(mod_security) mod_security (id:225170) triggered by 16.63.51.180 (ec2-16-63-51-180.eu-central-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 15:20:40.351965 2026] [security2:error] [pid 18774:tid 18829] [client 16.63.51.180:52728] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.cynosurelandscapers.cynosureinternetservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.cynosurelandscapers.cynosureinternetservices.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akF0CAlNGMPIM1X7JhssKQAAAUI"]
show less
Brute-Force
Bad Web Bot
Web App Attack