๐ฉ๐ช
FeG Deutschland
2026-07-04 08:21:34
(10 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 08:20:56
(10 hours ago)
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 04:20:50.544574 2026] [security2:error] [pid 12053:tid 12053] [client 202.157.177.133:53902] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rogerheath.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rogerheath.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akjCYnlUxTUtm7IWw7x3XQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 05:23:31
(13 hours ago)
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 01:23:24.458937 2026] [security2:error] [pid 11086:tid 11086] [client 202.157.177.133:45250] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kitchen.pizzadata.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kitchen.pizzadata.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akiYzLDOUCAz9K71nYFLWAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 02:58:45
(15 hours ago)
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 22:58:41.490679 2026] [security2:error] [pid 20745:tid 20745] [client 202.157.177.133:45044] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dorismitchell.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dorismitchell.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "akh24b1yuH2xUFOJtIkICgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 00:03:34
(18 hours ago)
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:03:29.618238 2026] [security2:error] [pid 32520:tid 32520] [client 202.157.177.133:36120] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||constructionloansfunding.internetnameregistration.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "constructionloansfunding.internetnameregistration.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akhN0SlZfHe0k2SYx24oowAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:41:21
(22 hours ago)
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 202.157.177.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:41:17.059013 2026] [security2:error] [pid 12555:tid 12555] [client 202.157.177.133:37070] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||theroyalhouseofelohim.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theroyalhouseofelohim.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akgQXc5xOIsCWAbdsEbinAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 07:00:21
(2 days ago)
| CMS scanner: 3 domains targeted (CMS (WordPress or Joomla) login attempt.)
Web App Attack
Hacking
SQL Injection
๐ฒ๐ฝ
octageeks.com
2026-07-02 04:10:18
(2 days ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐บ๐ธ
cwytech
2026-07-01 06:20:28
(3 days ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 05:15:53
(3 days ago)
Web attack blocked by Wordfence on limburgsekunstkring.nl (1 hit). Reported by CRMON.
Web App Attack
๐บ๐ธ
xxkodedxx
2026-07-01 04:27:05
(3 days ago)
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1ร honeypot-get in 10m window.
...
show more
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1ร honeypot-get in 10m window.
Active: 04:26:50โ04:26:51 UTC
Volume: 2 honeypot probe(s)
Bait taken: /wp-login.php
UA: "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack