๐ฉ๐ช
FeG Deutschland
2026-07-04 06:59:57
(6 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ซ๐ท
Security_Whaller
2026-07-04 05:50:51
(6 days ago)
Malicious activity detected on Honeypot.
Brute-Force
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 04:50:36
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:50:29.851700 2026] [security2:error] [pid 29921:tid 29921] [client 207.56.227.35:38182] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cynosurephotography.pluralmatrix.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cynosurephotography.pluralmatrix.net"] [uri "/wp-json/wp/v2/users/3"] [unique_id "akiRFXjfyssalUWsGIXfIAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-07-04 04:08:50
(6 days ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
๐ฉ๐ช
4server
2026-07-04 04:03:29
(6 days ago)
[SatJul0406:03:23.0085292026][security2:error][pid1018110:tid1018159][client207.56.227.35:0]ModSecur ...
show more
[SatJul0406:03:23.0085292026][security2:error][pid1018110:tid1018159][client207.56.227.35:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"residence.chesasilva.ch\"][uri\"/wp-includes/xmlrpc.php\"][unique_id\"akiGC9UbYgSRRa1xk3NgOQAAAEU\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 03:14:19
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 23:14:15.740068 2026] [security2:error] [pid 4526:tid 4526] [client 207.56.227.35:34984] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cassimandabdallah.williamgilcher.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cassimandabdallah.williamgilcher.com"] [uri "/wp-json/wp/v2/users/5"] [unique_id "akh6h77MWvAANl-9zmx0qAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 00:07:02
(6 days ago)
Automated web scanner. Requested suspicious paths: /wp-json/wp/v2/users/5. UTC: 2026-07-03 23:24:55.
Web App Attack
๐บ๐ธ
mnsf
2026-07-04 00:05:01
(6 days ago)
Abuse Detected (9)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 23:31:31
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:31:23.521170 2026] [security2:error] [pid 27256:tid 27256] [client 207.56.227.35:46472] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||areafinancieratf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "areafinancieratf.com"] [uri "/wp-json/wp/v2/users/3"] [unique_id "akhGS6YOZ9o74Fi19oUi2gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 23:12:54
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 19:12:49.559734 2026] [security2:error] [pid 9355:tid 9355] [client 207.56.227.35:44728] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||taekwondoit.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "taekwondoit.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akhB8TFHztV0AIvYmvOb8AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
abuseiphack
2026-07-03 22:56:43
(6 days ago)
Automatic report for brute force attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:31:58
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:31:53.986615 2026] [security2:error] [pid 29567:tid 29567] [client 207.56.227.35:36990] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||phalanxemail.axiomemail.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "phalanxemail.axiomemail.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akgqSZhW3s2Stgp0kq05mwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:08:37
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:08:30.027348 2026] [security2:error] [pid 26179:tid 26179] [client 207.56.227.35:42534] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.benkatkin.passy.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.benkatkin.passy.us"] [uri "/wp-json/wp/v2/users"] [unique_id "akgkzqkAO_Vy5AzDUWdcCwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:53:55
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:53:51.674855 2026] [security2:error] [pid 5972:tid 5972] [client 207.56.227.35:56954] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jerielster.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jerielster.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akgTT2MTKg-mtJmT9Cki5AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:13:44
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 207.56.227.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:13:39.001682 2026] [security2:error] [pid 27024:tid 27024] [client 207.56.227.35:35496] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nancyscafeandcatering.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nancyscafeandcatering.com"] [uri "/wp-json/wp/v2/users/2"] [unique_id "akgJ4mSsYW9z1BbCM3MMtQAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack