๐ฉ๐ช
brechtr
2026-06-16 15:58:38
(2 weeks ago)
[Press84-BanHammer] bad username โ Sourced from: www.langsvlaamsewegen.be โ Request: POST /wp-login. ...
show more
[Press84-BanHammer] bad username โ Sourced from: www.langsvlaamsewegen.be โ Request: POST /wp-login.php
show less
Brute-Force
๐บ๐ธ
cwytech
2026-06-16 09:49:35
(2 weeks ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
Anonymous
2026-06-15 23:20:03
(2 weeks ago)
Web App Attack, Hacking
Hacking
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-15 04:23:47
(2 weeks ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-14 22:52:39
(2 weeks ago)
(y4) Failed scan -byebye- from 185.208.164.120 (PL/Poland/s20.cyber-folks.pl): (CF_ENABLE)
Hacking
๐บ๐ธ
lostswordfish.com
2026-06-14 04:42:04
(2 weeks ago)
Wordfence waf block on registrymatters
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-12 15:15:15
(2 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 19:55:58
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.208.164.120 (s20.cyber-folks.pl): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 185.208.164.120 (s20.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 15:55:54.461605 2026] [security2:error] [pid 23464:tid 23490] [client 185.208.164.120:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mindgardens.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mindgardens.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aisSyivY9eLfED8-FxHr7wAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-07 17:48:49
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.208.164.120 (s20.cyber-folks.pl): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 185.208.164.120 (s20.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 13:48:43.360703 2026] [security2:error] [pid 10946:tid 10946] [client 185.208.164.120:59934] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mfleetservice.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mfleetservice.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiWu--naM-KYa1wgtkpKQwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Vianpyro
2026-06-07 00:42:33
(3 weeks ago)
Honeypot: 10 request(s) in 0 min. Paths: /, /wp-json/wp/v2/posts. Method(s): GET. UA: Mozilla/5.0 (X ...
show more
Honeypot: 10 request(s) in 0 min. Paths: /, /wp-json/wp/v2/posts. Method(s): GET. UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/14. ASN: 41079 (CF-Shared-Hosting GD).
show less
Web App Attack
Bad Web Bot
Brute-Force
๐ฒ๐น
Malta
2026-06-06 17:56:03
(3 weeks ago)
185.208.164.120 - - [06/Jun/2026:19:56:03 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh ...
show more
185.208.164.120 - - [06/Jun/2026:19:56:03 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐ฉ๐ช
FeG Deutschland
2026-06-06 11:03:23
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-06-06 07:02:05
(3 weeks ago)
Wordfence waf block on robdarnell
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 05:40:02
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 185.208.164.120 (s20.cyber-folks.pl): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 185.208.164.120 (s20.cyber-folks.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 01:39:54.992304 2026] [security2:error] [pid 16266:tid 16266] [client 185.208.164.120:54942] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cccorponline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cccorponline.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "aiOyqtnOl5V5INMTcF4S8QAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-06 04:10:40
(3 weeks ago)
Wordpress malicious attack:[octawp]
Web App Attack