๐บ๐ธ
Rip
2025-11-12 01:00:32
(7 months ago)
Authentication attack attempt. CMS Brute Force - Access Forbidden
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-11 06:28:54
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 198.54.114.33 (server216.web-hosting.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 198.54.114.33 (server216.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 11 01:28:49.278847 2025] [security2:error] [pid 27278:tid 27278] [client 198.54.114.33:33072] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.roughexports.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.roughexports.com"] [uri "/Wp-JsOn/Wp/V2/UsErS"] [unique_id "aRLXof9SiEzVemU_UFR26QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
london2038.com
2025-11-10 19:53:18
(7 months ago)
Attacking WordPress
198.54.114.33 - - [10/Nov/2025:20:53:08 +0100] "POST /wp-login.php HTTP/2.0" 503 ...
show more
Attacking WordPress
198.54.114.33 - - [10/Nov/2025:20:53:08 +0100] "POST /wp-login.php HTTP/2.0" 503 19291 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-10 17:49:40
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 198.54.114.33 (server216.web-hosting.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 198.54.114.33 (server216.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 12:49:35.708171 2025] [security2:error] [pid 7267:tid 7267] [client 198.54.114.33:45254] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fletcherdouglas.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fletcherdouglas.com"] [uri "/wp-json/Wp/v2/users"] [unique_id "aRIlr9vgmyAEkriTTVnNQAAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-10 16:19:08
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 198.54.114.33 (server216.web-hosting.com): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 198.54.114.33 (server216.web-hosting.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 11:19:03.794635 2025] [security2:error] [pid 3017:tid 3017] [client 198.54.114.33:40808] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.masalamadrid.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.masalamadrid.com"] [uri "/wp-json/wp/V2/users"] [unique_id "aRIQd1lPW4wBiL8g0BC3DQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
etu brutus
2025-11-10 09:35:24
(7 months ago)
198.54.114.33 has been banned for [WebApp Attack]
...
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
smithclass.net
2025-11-10 01:08:43
(8 months ago)
Nov 10 01:08:42 gravy wordpress(smithclass.net)[192964]: Blocked authentication attempt for admin fr ...
show more
Nov 10 01:08:42 gravy wordpress(smithclass.net)[192964]: Blocked authentication attempt for admin from 198.54.114.33
...
show less
Hacking
Brute-Force
๐ฒ๐น
Malta
2025-11-09 22:49:07
(8 months ago)
198.54.114.33 - - [09/Nov/2025:23:49:07 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ...
show more
198.54.114.33 - - [09/Nov/2025:23:49:07 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack
๐บ๐ธ
octageeks.com
2025-11-09 05:06:18
(8 months ago)
Wordpress malicious attack:[octausername]
Web App Attack
๐ฒ๐น
Malta
2025-11-08 15:08:22
(8 months ago)
198.54.114.33 - - [08/Nov/2025:16:08:22 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ...
show more
198.54.114.33 - - [08/Nov/2025:16:08:22 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack
๐ซ๐ท
Sysadmin Peter
2025-11-07 18:19:22
(8 months ago)
198.54.114.33 - - [07/Nov/2025:19:18:11 +0100] "POST /wp-login.php HTTP/2.0" 200 3025 "https://ja-so ...
show more
198.54.114.33 - - [07/Nov/2025:19:18:11 +0100] "POST /wp-login.php HTTP/2.0" 200 3025 "https://ja-solar.nz/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
198.54.114.33 - - [07/Nov/2025:19:19:21 +0100] "POST /wp-login.php HTTP/2.0" 200 3025 "https://ja-solar.nz/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
rafled
2025-11-07 06:21:10
(8 months ago)
Attempt to login to Wordpress Admin
Web App Attack
๐ฉ๐ช
london2038.com
2025-11-06 21:08:07
(8 months ago)
Attacking WordPress
198.54.114.33 - - [06/Nov/2025:22:08:06 +0100] "POST /wp-login.php HTTP/2.0" 503 ...
show more
Attacking WordPress
198.54.114.33 - - [06/Nov/2025:22:08:06 +0100] "POST /wp-login.php HTTP/2.0" 503 19289 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36"
show less
Brute-Force
Web App Attack
Anonymous
2025-06-14 20:44:20
(1 year ago)
Trawling for Open Source CMS installs
Hacking
Brute-Force
๐จ๐ญ
teamsecure
2025-06-14 20:42:56
(1 year ago)
Banned for trying to access xmlrpc
Web App Attack