Anonymous
2026-07-04 14:17:04
(3 days ago)
Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/2.0, [2/2] done, GET /wp-login.php H ...
show more
Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/2.0, [2/2] done, GET /wp-login.php HTTP/2.0
show less
Hacking
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-04 13:41:57
(3 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-07-04 11:31:21
(3 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
cwytech
2026-07-04 11:24:58
(3 days ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-login-lockdown-high.
Bad Web Bot
Web App Attack
๐ฎ๐ช
Jim Keir
2026-07-04 10:59:15
(3 days ago)
2026-07-04 10:59:14 222.252.4.126 File scanning, blocking 222.252.4.126 for 5 minutes
Web App Attack
๐ซ๐ท
ELYAZ
2026-07-04 10:42:48
(3 days ago)
(y4) Failed scan -byebye- from 222.252.4.126 (VN/Vietnam/static.vnpt-hanoi.com.vn): (CF_ENABLE)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-04 10:28:19
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 06:28:11.545875 2026] [security2:error] [pid 27706:tid 27729] [client 222.252.4.126:36958] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||maroontribe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "maroontribe.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akjgO4GYnkxKcSTDmeZVPAAAAJU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 04:30:24
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:30:20.904153 2026] [security2:error] [pid 21725:tid 21725] [client 222.252.4.126:53352] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||brandoncomputergeeks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brandoncomputergeeks.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akiMXKayczRgaizGAcVcQgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Security_Whaller
2026-07-04 03:48:28
(3 days ago)
Malicious activity detected on Honeypot.
Brute-Force
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:07:51
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:07:47.409950 2026] [security2:error] [pid 17016:tid 17016] [client 222.252.4.126:46764] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||modalsoftware.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "modalsoftware.com"] [uri "/wp-json/wp/v2/users/8"] [unique_id "akf6c0KJD7sjG47vSe6VBQAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 17:20:11
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 13:20:03.019758 2026] [security2:error] [pid 29601:tid 29601] [client 222.252.4.126:36048] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aholsniffsglue.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aholsniffsglue.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akfvQ6KP-ekVqsgPHYuOOQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-03 17:16:09
(4 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฉ๐ฐ
ScamAware
2026-07-03 16:49:03
(4 days ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPr ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: user_enumeration (WordPress user enumeration). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-03 16:10:47
(4 days ago)
1.621 requests to many distinct domains in 1 hour (4w15h38m)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-03 15:58:21
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 222.252.4.126 (static.vnpt-hanoi.com.vn): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 11:58:14.970902 2026] [security2:error] [pid 9746:tid 9746] [client 222.252.4.126:43958] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||caymancline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "caymancline.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akfcFr5NrV3g9y6fRqjpywAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack