๐ฉ๐ช
FeG Deutschland
2026-07-04 19:38:18
(7 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
Anonymous
2026-07-04 14:16:20
(12 hours ago)
Web attack blocked by Wordfence on www.gerhuntjens.nl (1 hit). Reported by CRMON.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 08:06:49
(18 hours ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 04:06:41.525710 2026] [security2:error] [pid 11888:tid 11888] [client 20.75.217.71:6273] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||susanleeward.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "susanleeward.com"] [uri "/wp-json/wp/v2/users/6"] [unique_id "aki_ES31Bm1SYQRq8mjSBQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 20:22:38
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 16:22:31.191477 2026] [security2:error] [pid 16190:tid 16190] [client 20.75.217.71:5469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||snowrideadventures.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "snowrideadventures.com"] [uri "/wp-json/wp/v2/users/6"] [unique_id "akgaB8-MSQL3Ibkq7FHGtgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-03 15:28:04
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 14:31:37
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 10:31:33.214503 2026] [security2:error] [pid 6041:tid 6041] [client 20.75.217.71:5469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||renjunews.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "renjunews.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akfHxXOpJdleoCUOmpqTDQAAADY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:52:26
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:52:18.196309 2026] [security2:error] [pid 21410:tid 21410] [client 20.75.217.71:5277] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||illumoonatedtarot.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "illumoonatedtarot.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akeiciXFlVYEndr4y3JIYAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 06:29:52
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:29:46.213876 2026] [security2:error] [pid 23508:tid 23508] [client 20.75.217.71:5455] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hotpay.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hotpay.co"] [uri "/wp-json/wp/v2/users/3"] [unique_id "akdW2n8eh96PwGTgXm_2rwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-01 04:01:14
(3 days ago)
XMLRPC Attack, WP User Enumeration
Brute-Force
Web App Attack
๐ฒ๐น
Malta
2026-06-30 13:33:18
(4 days ago)
20.75.217.71 - - [30/Jun/2026:15:33:17 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; ...
show more
20.75.217.71 - - [30/Jun/2026:15:33:17 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 09:34:40
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:34:37.177954 2026] [security2:error] [pid 27388:tid 27690] [client 20.75.217.71:3934] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mtiminis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mtiminis.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akI8Laq5jBmxooGGeNX14AAAAI4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 05:47:49
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 01:47:45.881883 2026] [security2:error] [pid 9904:tid 9904] [client 20.75.217.71:3589] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hydrusdetergents.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hydrusdetergents.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akIHAYGxs54wQ4YwxtY8GAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-29 02:23:31
(6 days ago)
[MonJun2904:23:25.9211822026][security2:error][pid517256:tid517289][client20.75.217.71:0]ModSecurity ...
show more
[MonJun2904:23:25.9211822026][security2:error][pid517256:tid517289][client20.75.217.71:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"urbani.ch\"][uri\"/xmlrpc.php\"][unique_id\"akHXHcSzrqiDnuWv9YkQCAAAAUI\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 00:51:29
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:51:23.918360 2026] [security2:error] [pid 6240:tid 6240] [client 20.75.217.71:5447] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||guldunyayayinlari.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "guldunyayayinlari.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akHBi8IpIhEDG7dFOSitsgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 00:11:50
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 20.75.217.71 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:11:46.833557 2026] [security2:error] [pid 29119:tid 29119] [client 20.75.217.71:5491] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cnphilos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cnphilos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akG4QuUYSdW0pZnHyvhXEQAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack