π²π½
octageeks.com
2026-07-03 04:14:51
(1 day ago)
Wordpress malicious attack:[octawp]
Web App Attack
Anonymous
2026-07-02 23:11:03
(2 days ago)
Bot / scanning and/or hacking attempts: GET /?rest_route=/wp/v2/users&per_page=100&_fields=s ...
show more
Bot / scanning and/or hacking attempts: GET /?rest_route=/wp/v2/users&per_page=100&_fields=slug HTTP/1., GET /feed/ HTTP/1.1, GET /wp-json/wp/v2/users?per_page=100&_fields=id,slug HTTP/1.1, [0/0] init, GET /wp-login.php HTTP/2.0
show less
Hacking
Web App Attack
π©πͺ
AlexEventfahrtenIPDB
2026-07-02 22:49:36
(2 days ago)
[Fri Jul 03 00:49:33.770821 2026] [authz_core:error] [pid 3289811:tid 3289811] [client 161.18.228.63 ...
show more
[Fri Jul 03 00:49:33.770821 2026] [authz_core:error] [pid 3289811:tid 3289811] [client 161.18.228.63:52160] AH01630: client denied by server configuration: /var/www/std-sites/cadillac/wp-login.php
[Fri Jul 03 00:49:35.541869 2026] [authz_core:error] [pid 3289726:tid 3289726] [client 161.18.228.63:52174] AH01630: client denied by server configuration: /var/www/std-sites/cadillac/wp-login.php, referer: https://alex-eventfahrten.spdns.de/wp-login.php
...
show less
Brute-Force
Web App Attack
πΊπΈ
nationaleventpros.com
2026-07-02 22:19:21
(2 days ago)
WordPress login attempt
Brute-Force
π©πͺ
Ba-Yu
2026-07-02 18:47:31
(2 days ago)
WordPress bruteforce
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 14:25:24
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 10:25:17.981954 2026] [security2:error] [pid 5314:tid 5314] [client 161.18.228.63:48804] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||desarrollosdecolima.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "desarrollosdecolima.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akZ0za212qTuxoQO6LiI5QAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 13:21:56
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 09:21:52.522423 2026] [security2:error] [pid 14933:tid 14933] [client 161.18.228.63:45938] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||theroyalhouseofelohim.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theroyalhouseofelohim.org"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akZl8Il5yakrnwPfAe9-VwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 12:39:17
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:39:09.394242 2026] [security2:error] [pid 22413:tid 22413] [client 161.18.228.63:51772] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||brbvip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brbvip.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akZb7SkJmeVD7cp1fuQ8KwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
neckaralb-admin.de
2026-07-02 11:54:41
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 11:15:51
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:15:45.823820 2026] [security2:error] [pid 18340:tid 18340] [client 161.18.228.63:34486] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||100pairofpajamas.srtmanagementservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "100pairofpajamas.srtmanagementservices.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akZIYVNwaKcrQ3epxVWeAgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-07-02 03:21:33
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
π«π·
masterguru
2026-07-02 02:36:21
(2 days ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 161.18.228.63 (CO/Colombia/-): 1 in the last ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 161.18.228.63 (CO/Colombia/-): 1 in the last 3600 secs (0-195)
show less
Hacking
π©πͺ
ger-stg-sifi1
2026-07-02 01:54:34
(2 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 11:17:03
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 07:16:56.486761 2026] [security2:error] [pid 30637:tid 30637] [client 161.18.228.63:34828] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||yerevanpress.am|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "yerevanpress.am"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akOlqLGimsrwsEw78M_9OwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 09:41:20
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 161.18.228.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 05:41:17.758749 2026] [security2:error] [pid 20418:tid 20418] [client 161.18.228.63:51340] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eileensharaga.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eileensharaga.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akOPPRFgJycuHcqWaI4l4AAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack