๐ฉ๐ช
FeG Deutschland
2026-07-04 07:39:48
(17 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:19:08
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:19:02.143089 2026] [security2:error] [pid 13089:tid 13089] [client 192.250.229.184:34168] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||blog.l3l4.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "blog.l3l4.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akgZNhlSZCb0cBFeMNTIGwAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:18:12
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:18:07.929682 2026] [security2:error] [pid 10981:tid 10981] [client 192.250.229.184:52222] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||convtek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "convtek.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akgK73abEbLxH2xGauIbaQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:05:04
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:04:57.795321 2026] [security2:error] [pid 28002:tid 28002] [client 192.250.229.184:58772] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||doctorbalog.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "doctorbalog.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akf5yWVXCBanl4oqILEtEgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:39:30
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:39:24.374833 2026] [security2:error] [pid 23216:tid 23216] [client 192.250.229.184:42178] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bigislandhawaiirealestate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bigislandhawaiirealestate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akefbFU4iUz5yQwElROVvQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 09:27:29
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 05:27:22.928107 2026] [security2:error] [pid 26838:tid 26838] [client 192.250.229.184:45910] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bostonmarathonstories.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bostonmarathonstories.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "akeAenEdg-oRyaLDbmon5AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 07:03:55
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:03:47.760947 2026] [security2:error] [pid 13397:tid 13397] [client 192.250.229.184:54384] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sooperare.com.forefrontmusic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sooperare.com.forefrontmusic.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akde07wN5KUA8cK3yG6NEgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-02 23:24:34
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 23:03:56
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.184 (s13608.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 19:03:53.910707 2026] [security2:error] [pid 20853:tid 20853] [client 192.250.229.184:42100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||help.go4food.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "help.go4food.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akbuWTXnD--tbY8q-Z6nWgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-02 10:08:36
(2 days ago)
WP User Enumeration, 403 status indicates potential unauthorized access attempt., WP Author Enumerat ...
show more
WP User Enumeration, 403 status indicates potential unauthorized access attempt., WP Author Enumeration
show less
Web App Attack
๐ฒ๐น
Malta
2026-07-01 19:02:44
(3 days ago)
192.250.229.184 - - [01/Jul/2026:21:02:43 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Li ...
show more
192.250.229.184 - - [01/Jul/2026:21:02:43 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐จ๐ฟ
ptlab
2026-06-30 18:45:11
(4 days ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-30 04:26:47
(4 days ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ฒ๐น
Malta
2026-06-30 01:08:51
(5 days ago)
192.250.229.184 - - [30/Jun/2026:03:08:51 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macinto ...
show more
192.250.229.184 - - [30/Jun/2026:03:08:51 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐บ๐ธ
mnsf
2026-06-29 12:05:51
(5 days ago)
Abuse Detected (1)
Brute-Force
Web App Attack