๐บ๐ธ
cwytech
2026-07-01 13:19:37
(3 hours ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-login-lockdown-high.
Bad Web Bot
Web App Attack
๐ซ๐ท
solution.it
2026-06-30 05:22:33
(1 day ago)
[Tue Jun 30 07:22:32.931270 2026] [php7:error] [pid 3924090:tid 3924090] [client 193.53.40.140:35966 ...
show more
[Tue Jun 30 07:22:32.931270 2026] [php7:error] [pid 3924090:tid 3924090] [client 193.53.40.140:35966] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat
show less
Web App Attack
๐บ๐ธ
nyt
2026-06-30 05:09:15
(1 day ago)
WP User Enumeration
Web App Attack
Anonymous
2026-06-30 00:32:33
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ซ๐ท
ingroscart.it
2026-06-30 00:22:55
(1 day ago)
(wordpress) Failed wordpress login from 193.53.40.140 (SE/Sweden/Stockholm County/Stockholm/server.h ...
show more
(wordpress) Failed wordpress login from 193.53.40.140 (SE/Sweden/Stockholm County/Stockholm/server.hostclouder.net/[redacted])
show less
Brute-Force
๐บ๐ธ
ambor
2026-06-29 14:21:58
(2 days ago)
L0ss Honeypot: WordPress login access attempt. Path: /wp-login.php
Brute-Force
Web App Attack
๐จ๐ฆ
SoteriaCovenant
2026-06-29 10:08:31
(2 days ago)
Automated probe: /wp-includes/xmlrpc.php on Soteria Global infrastructure. No vulnerable software pr ...
show more
Automated probe: /wp-includes/xmlrpc.php on Soteria Global infrastructure. No vulnerable software present.
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-29 09:34:46
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:34:43.212565 2026] [security2:error] [pid 7512:tid 7512] [client 193.53.40.140:41244] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bostonmarathonstories.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bostonmarathonstories.com"] [uri "/wp-json/wp/v2/users/5"] [unique_id "akI8MzpKhnPp9Dasf45cXgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 09:05:47
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:05:42.516170 2026] [security2:error] [pid 21249:tid 21249] [client 193.53.40.140:47146] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ismaelcavazos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ismaelcavazos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akI1ZuXjr8gOW9tFPRznRgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 07:58:52
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:58:48.595331 2026] [security2:error] [pid 20975:tid 20975] [client 193.53.40.140:52110] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hopeforthefuture.africa.greenlight.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hopeforthefuture.africa.greenlight.us"] [uri "/wp-json/wp/v2/users"] [unique_id "akIluAmlZncnTklx60s3GQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 07:33:14
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:33:10.358635 2026] [security2:error] [pid 12028:tid 12028] [client 193.53.40.140:32780] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||brainstormer.soy|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brainstormer.soy"] [uri "/wp-json/wp/v2/users"] [unique_id "akIftovjc7Ov1I04FMfHWQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 03:13:34
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 23:13:29.080311 2026] [security2:error] [pid 5076:tid 5076] [client 193.53.40.140:50848] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pharmaceuticalsalescareerhub.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pharmaceuticalsalescareerhub.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akHi2fZYjuxVQwrPGS879wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-28 23:05:39
(2 days ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 20:36:52
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in th ...
show more
(mod_security) mod_security (id:225170) triggered by 193.53.40.140 (server.hostclouder.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:36:47.161238 2026] [security2:error] [pid 22078:tid 22078] [client 193.53.40.140:47156] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||danielbrower.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "danielbrower.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akGF39zLFNh5IY_96jbttgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-28 19:03:24
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack