๐ฌ๐ง
spamverify.com
2026-07-10 21:11:33
(1 week ago)
Honeypot Hit: WordPress Login
Web Spam
Blog Spam
Bad Web Bot
Web App Attack
๐ต๐ฑ
reportingbot
2026-07-10 10:55:00
(1 week ago)
WordPress admin webpage brute force login attempts
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
Hacking
๐ฉ๐ช
brechtr
2026-07-08 23:48:06
(1 week ago)
[Press84-BanHammer] bad username โ Sourced from: www.langsvlaamsewegen.be โ Request: POST /wp-login. ...
show more
[Press84-BanHammer] bad username โ Sourced from: www.langsvlaamsewegen.be โ Request: POST /wp-login.php
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-13 01:21:35
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 21:21:27.673472 2026] [security2:error] [pid 27085:tid 27085] [client 213.160.71.30:47746] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.circleinthesquare.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.circleinthesquare.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aiywl7rD6n4_q2KYk5yrkAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-13 00:24:43
(1 month ago)
213.160.71.30 - - [13/Jun/2026:02:24:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 206 "-" "Mozilla/5.0 ...
show more
213.160.71.30 - - [13/Jun/2026:02:24:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 206 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0"
213.160.71.30 - - [13/Jun/2026:02:24:31 +0200] "POST /xmlrpc.php HTTP/1.1" 200 420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:80.0) Gecko/20100101 Firefox/80.0"
213.160.71.30 - - [13/Jun/2026:02:24:37 +0200] "POST /wp-login.php HTTP/1.1" 200 130332 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:49.0) Gecko/20100101 Firefox/49.0"
213.160.71.30 - - [13/Jun/2026:02:24:37 +0200] "POST /wp-login.php HTTP/1.1" 200 129848 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:49.0) Gecko/20100101 Firefox/49.0"
213.160.71.30 - - [13/Jun/2026:02:24:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:42.0) Gecko/20100101 Firefox/42.0"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 08:58:47
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 04:58:40.822980 2026] [security2:error] [pid 26320:tid 26363] [client 213.160.71.30:46334] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.guitarprimer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.guitarprimer.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiPhQFWKUhcRnqERKKZn5QAAANY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 07:03:29
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:03:25.083131 2026] [security2:error] [pid 9007:tid 9007] [client 213.160.71.30:44578] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.georgegourmet.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.georgegourmet.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiPGPRGuj97qkB51RheYSgAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-06 06:31:39
(1 month ago)
Multiple WAF Violations
Web App Attack
๐ฉ๐ช
itsolon
2026-06-06 01:49:08
(1 month ago)
[06/Jun/2026:03:49:07 +0200] 178071054718.371537 213.160.71.30 49110 217.154.7.177 443
[06/Jun/2026: ...
show more
[06/Jun/2026:03:49:07 +0200] 178071054718.371537 213.160.71.30 49110 217.154.7.177 443
[06/Jun/2026:03:49:07 +0200] 178071054725.301066 213.160.71.30 49170 217.154.7.177 443
[06/Jun/2026:03:49:08 +0200] 178071054894.736997 213.160.71.30 49246 217.154.7.177 443
[06/Jun/2026:03:49:08 +0200] 178071054858.594562 213.160.71.30 49284 217.154.7.177 443
[06/Jun/2026:03:49:08 +0200] 178071054899.274820 213.160.71.30 49316 217.154.7.177 443
...
show less
Port Scan
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-05 23:50:58
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 19:50:52.163254 2026] [security2:error] [pid 7930:tid 7930] [client 213.160.71.30:39760] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thewhispertwins.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thewhispertwins.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiNg3OKcepfnMOTjp4F6-QAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-22 22:46:15
(1 month ago)
Failed Wordpress Logins
Web App Attack
Anonymous
2026-05-21 22:04:40
(1 month ago)
[redacted] 213.160.71.30 - - [22/May/2026:00:04:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "M ...
show more
[redacted] 213.160.71.30 - - [22/May/2026:00:04:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0"
[redacted] 213.160.71.30 - - [22/May/2026:00:04:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
[redacted] 213.160.71.30 - - [22/May/2026:00:04:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0"
[redacted] 213.160.71.30 - - [22/May/2026:00:04:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:57.0) Gecko/20100101 Firefox/57.0"
[redacted] 213.160.71.30 - - [22/May/2026:00:04:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"
[redacted] 213.160.71.30 - - [22/May/2026:00:04:38 +0200] "POST /xmlrpc.ph
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 19:24:38
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 15:24:33.626666 2026] [security2:error] [pid 8245:tid 8245] [client 213.160.71.30:42016] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.ardeeapps.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ardeeapps.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag4KcS7wBCjJfmdjaT_sLgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 00:34:16
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 213.160.71.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 20:34:09.500702 2026] [security2:error] [pid 19489:tid 19489] [client 213.160.71.30:53550] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||brandoncomputergeeks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brandoncomputergeeks.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag0BgSKz1CiCR6K6Yv5AuQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-05-19 18:02:50
(1 month ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack