๐ฉ๐ช
ger-stg-sifi1
2026-07-01 23:58:10
(4 minutes ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฌ๐ง
poundawebsiteltd
2026-07-01 23:09:50
(52 minutes ago)
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 198.46.152.106 - - [02/Jul/2026:00:09:45 +0100] ...
show more
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 198.46.152.106 - - [02/Jul/2026:00:09:45 +0100] POST /wp-login.php HTTP/2.0 200 3552 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 22:58:10
(1 hour ago)
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 18:58:05.334112 2026] [security2:error] [pid 11542:tid 11542] [client 198.46.152.106:57694] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||97films.media|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "97films.media"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akWbfTuYqV3Vjg_52Dc3igAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-01 22:01:00
(2 hours ago)
wp-login attack [01/Jul/2026:22:31:42
Brute-Force
Web App Attack
๐ฉ๐ช
nyt
2026-07-01 22:00:50
(2 hours ago)
Repeated WordPress login POSTs blocked by WAF (3 in 6h)
Brute-Force
Web App Attack
๐ซ๐ฎ
6kilowatti
2026-07-01 21:35:28
(2 hours ago)
198.46.152.106 - - [02/Jul/2026:00:35:28 +0300] "GET /author-sitemap.xml?password-protected=login&re ...
show more
198.46.152.106 - - [02/Jul/2026:00:35:28 +0300] "GET /author-sitemap.xml?password-protected=login&redirect_to=https%3A%2F%2Flvi-viitala.6kw.fi%2Fauthor-sitemap.xml HTTP/1.1" 404 1685 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ซ๐ท
ELYAZ
2026-07-01 20:27:32
(3 hours ago)
(y4) Failed scan -byebye- from 198.46.152.106 (US/United States/-): (CF_ENABLE)
Hacking
๐ฉ๐ช
FeG Deutschland
2026-07-01 16:45:35
(7 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 16:40:29
(7 hours ago)
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:40:24.411926 2026] [security2:error] [pid 19217:tid 19217] [client 198.46.152.106:55654] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||staging.groovedoctors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "staging.groovedoctors.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akVC-BRrnOYIXRjsT8Qh8gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 15:06:21
(8 hours ago)
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 11:06:14.350309 2026] [security2:error] [pid 23335:tid 23335] [client 198.46.152.106:38424] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||acarsubscription.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "acarsubscription.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akUs5jvNxPAqOf3iTR1wBwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 13:02:53
(10 hours ago)
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 09:02:46.806653 2026] [security2:error] [pid 12557:tid 12557] [client 198.46.152.106:50812] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dev.ericadamsdesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dev.ericadamsdesign.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akUP9sLFsPL0NnNjWunDpAAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 11:55:16
(12 hours ago)
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 07:55:13.181825 2026] [security2:error] [pid 3817:tid 3817] [client 198.46.152.106:51616] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rame-int.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rame-int.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akUAIS_j_HovzH8HWoIDSAAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
ingroscart.it
2026-07-01 11:25:22
(12 hours ago)
(wordpress) Failed wordpress login from 198.46.152.106 (US/United States/California/Santa Clara/-/[r ...
show more
(wordpress) Failed wordpress login from 198.46.152.106 (US/United States/California/Santa Clara/-/[redacted])
show less
Brute-Force
๐ฒ๐น
Malta
2026-07-01 10:53:22
(13 hours ago)
198.46.152.106 - - [01/Jul/2026:12:53:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintos ...
show more
198.46.152.106 - - [01/Jul/2026:12:53:22 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 09:54:22
(14 hours ago)
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 198.46.152.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 05:54:14.881458 2026] [security2:error] [pid 11752:tid 11752] [client 198.46.152.106:42874] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||indoorsfinishing.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "indoorsfinishing.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTjxjHpjqW83HxInATvsgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack