๐ฉ๐ช
FeG Deutschland
2026-07-07 16:24:23
(3 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-07-07 04:12:41
(15 hours ago)
Wordpress malicious attack:[octawp]
Web App Attack
๐จ๐ฟ
ptlab
2026-07-07 02:45:08
(16 hours ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
Anonymous
2026-07-07 01:10:35
(18 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
Hazzard
2026-07-06 14:45:18
(1 day ago)
(wordpress) Failed wordpress login from 192.250.229.92 (DE/Germany/Hesse/Frankfurt am Main/s3181.fra ...
show more
(wordpress) Failed wordpress login from 192.250.229.92 (DE/Germany/Hesse/Frankfurt am Main/s3181.fra1.stableserver.net/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
ambor
2026-07-06 09:02:15
(1 day ago)
Honeypot access: WordPress XML-RPC attack attempt. Path: /xmlrpc.php
Brute-Force
Web App Attack
๐ฒ๐น
Malta
2026-07-05 22:43:35
(1 day ago)
192.250.229.92 - - [06/Jul/2026:00:43:35 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ...
show more
192.250.229.92 - - [06/Jul/2026:00:43:35 +0200] "POST /xmlrpc.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-05 08:11:02
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.92 (s3181.fra1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.92 (s3181.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 04:10:55.911038 2026] [security2:error] [pid 25948:tid 25948] [client 192.250.229.92:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cloudex.click|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cloudex.click"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akoRjwr1DKsde9CfiRYcjgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-04 07:35:35
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 23:17:34
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.92 (s3181.fra1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.92 (s3181.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:17:27.856019 2026] [security2:error] [pid 14625:tid 14625] [client 192.250.229.92:58280] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||oogeothermal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oogeothermal.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akhDB9F1m1rmtWpi-1pLjwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-03 08:15:05
(4 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 06:20:09
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 192.250.229.92 (s3181.fra1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 192.250.229.92 (s3181.fra1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:20:01.843899 2026] [security2:error] [pid 15005:tid 15005] [client 192.250.229.92:46216] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kildarafarms.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kildarafarms.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akdUke9Y7IvyJfaCGQWqUwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-07-02 23:30:36
(4 days ago)
WordPress login attempt
Brute-Force
Anonymous
2026-07-02 07:42:08
(5 days ago)
192.250.229.92 - - [02/Jul/2026:09:42:03 +0200] "GET /wp-login.php HTTP/2.0" 200 3997 "-" "Mozilla/5 ...
show more
192.250.229.92 - - [02/Jul/2026:09:42:03 +0200] "GET /wp-login.php HTTP/2.0" 200 3997 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
...
show less
Web App Attack
๐ฒ๐น
Malta
2026-07-02 03:14:49
(5 days ago)
192.250.229.92 - - [02/Jul/2026:05:14:49 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Lin ...
show more
192.250.229.92 - - [02/Jul/2026:05:14:49 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
show less
Hacking
Web App Attack