๐ฉ๐ช
FeG Deutschland
2026-07-12 05:12:12
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
๐ฒ๐น
Malta
2026-07-11 04:16:00
(2 days ago)
216.250.113.199 - - [11/Jul/2026:06:16:00 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ...
show more
216.250.113.199 - - [11/Jul/2026:06:16:00 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐ฉ๐ช
ger-stg-sifi1
2026-07-07 22:49:11
(5 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-04 13:15:33
(1 week ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:23:24
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:23:17.055526 2026] [security2:error] [pid 20821:tid 20821] [client 216.250.113.199:35854] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||oruhu.org.circulodesonido.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "oruhu.org.circulodesonido.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akebpS4iB16TojQJBTuLBQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:01:12
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:01:08.718598 2026] [security2:error] [pid 14074:tid 14102] [client 216.250.113.199:35502] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||seguroslugo.soluciona.biz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "seguroslugo.soluciona.biz"] [uri "/wp-json/wp/v2/users"] [unique_id "akdsRN6JP8Pa54N__rlRQQAAAFU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐น
Malta
2026-07-02 15:01:05
(1 week ago)
216.250.113.199 - - [02/Jul/2026:17:01:05 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macinto ...
show more
216.250.113.199 - - [02/Jul/2026:17:01:05 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐ฉ๐ช
FeG Deutschland
2026-07-02 14:53:34
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 20:56:35
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 16:56:28.285766 2026] [security2:error] [pid 26890:tid 26890] [client 216.250.113.199:45564] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||blackberrycircle.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "blackberrycircle.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akV-_MVv7tHESv7F4qJJugAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 00:30:04
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:29:58.665326 2026] [security2:error] [pid 12358:tid 12358] [client 216.250.113.199:46338] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gemco-mfg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gemco-mfg.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akG8hqQYGo4ZK21ta6TeXwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 22:14:40
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 18:14:32.334995 2026] [security2:error] [pid 23140:tid 23140] [client 216.250.113.199:54360] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||futuresgrowhere.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "futuresgrowhere.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akGcyENBDUTIF-95bx_n9gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 13:25:59
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): ...
show more
(mod_security) mod_security (id:225170) triggered by 216.250.113.199 (infong-us-cl0043.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 09:25:51.362175 2026] [security2:error] [pid 1510:tid 1510] [client 216.250.113.199:35294] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.orcastrong.iyp-home.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.orcastrong.iyp-home.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akEg38IvjdlyiVGMJg8SGAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
tecnicorioja
2026-06-27 22:01:01
(2 weeks ago)
wp-login attack [27/Jun/2026:13:38:32
Brute-Force
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-06-27 09:08:04
(2 weeks ago)
Wordfence waf block on robdarnell
Web App Attack
๐ฒ๐น
Malta
2026-06-26 21:04:37
(2 weeks ago)
216.250.113.199 - - [26/Jun/2026:23:04:37 +0200] "GET /wp-json/wp/v2/users/me HTTP/1.1" "Mozilla/5.0 ...
show more
216.250.113.199 - - [26/Jun/2026:23:04:37 +0200] "GET /wp-json/wp/v2/users/me HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
show less
Hacking
Web App Attack
VPN IP