๐ฒ๐น
Malta
2026-07-01 03:46:29
(1 hour ago)
195.88.211.25 - - [01/Jul/2026:05:46:29 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ...
show more
195.88.211.25 - - [01/Jul/2026:05:46:29 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
Anonymous
2026-07-01 00:18:58
(5 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 19:06:47
(10 hours ago)
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 15:06:39.342072 2026] [security2:error] [pid 23969:tid 23969] [client 195.88.211.25:46854] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kompareiq.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kompareiq.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akQTv0BR8-ifStO9cVhRggAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Hazzard
2026-06-30 17:56:29
(11 hours ago)
(wordpress) Failed wordpress login from 195.88.211.25 (ID/Indonesia/Jakarta/Jakarta/mten.kencang.com ...
show more
(wordpress) Failed wordpress login from 195.88.211.25 (ID/Indonesia/Jakarta/Jakarta/mten.kencang.com/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-30 14:43:24
(14 hours ago)
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 10:43:18.768711 2026] [security2:error] [pid 30198:tid 30198] [client 195.88.211.25:57278] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dianamead.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dianamead.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akPWBhiwZXUcJbgO1q26YwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-30 07:55:42
(21 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-06-29 20:03:23
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฒ๐น
Malta
2026-06-29 15:23:55
(1 day ago)
195.88.211.25 - - [29/Jun/2026:17:23:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ...
show more
195.88.211.25 - - [29/Jun/2026:17:23:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐บ๐ธ
dtorrer
2026-06-29 14:15:49
(1 day ago)
Forged login request.
Brute-Force
๐ฌ๐ท
setupgr
2026-06-29 12:04:54
(1 day ago)
(XMLRPC) WP XMLRPC Attack 195.88.211.25 (ID/Indonesia/North Sumatra/Lubuk Pakam/-/[AS214882 ARENHOST ...
show more
(XMLRPC) WP XMLRPC Attack 195.88.211.25 (ID/Indonesia/North Sumatra/Lubuk Pakam/-/[AS214882 ARENHOST Steven Gusti Hutama]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 195.88.211.25 - - [29/Jun/2026:15:04:31 +0300] "GET /xmlrpc.php HTTP/2.0" 503 7318 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
show less
Port Scan
๐ฉ๐ช
YF
2026-06-29 09:00:11
(1 day ago)
WordPress author enumeration
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 08:35:18
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:35:10.606429 2026] [security2:error] [pid 15676:tid 15676] [client 195.88.211.25:47934] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||portlunchgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "portlunchgroup.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akIuPmsVL4vHVWAdKKl6mQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 07:59:07
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:59:01.091242 2026] [security2:error] [pid 17429:tid 17429] [client 195.88.211.25:54038] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hopeforthefuture.africa.greenlight.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hopeforthefuture.africa.greenlight.us"] [uri "/wp-json/wp/v2/users"] [unique_id "akIlxYkrBNYwFVRIEgXNlwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 05:37:20
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 195.88.211.25 (mten.kencang.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 01:37:12.869688 2026] [security2:error] [pid 20912:tid 20912] [client 195.88.211.25:50490] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||artbytracyjane.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "artbytracyjane.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akIEiG28fOrbuzUl82x9eAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-29 04:12:59
(2 days ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack