Anonymous
2026-07-05 19:58:17
(1 day ago)
Web attack blocked by Wordfence on mergel.nu (1 hit). Reported by CRMON.
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-22 22:31:03
(2 weeks ago)
Brute-Force
Web App Attack
Anonymous
2026-06-22 18:24:10
(2 weeks ago)
2402:1f00:8005:4000:: - - > www.allacasadilucia.it [22/Jun/2026:20:23:49 +0200] "POST /wp-login.php ...
show more
2402:1f00:8005:4000:: - - > www.allacasadilucia.it [22/Jun/2026:20:23:49 +0200] "POST /wp-login.php HTTP/1.1" 200 2438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0" "-"
2402:1f00:8005:4000:: - - > www.allacasadilucia.it [22/Jun/2026:20:24:09 +0200] "POST /xmlrpc.php HTTP/1.1" 403 117 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0" "-"
2402:1f00:8005:4000:: - - > www.allacasadilucia.it [22/Jun/2026:20:24:09 +0200] "POST /wp-login.php HTTP/1.1" 200 2438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0" "-"
2402:1f00:8005:4000:: - - > www.allacasadilucia.it [22/Jun/2026:20:24:09 +0200] "POST /wp-login.php HTTP/1.1" 200 2438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:44.0) Gecko/20100101 Firefox/44.0" "-"
2402:1f00:8005:4000:: - - > www.allacasadilucia.it [22/Jun/2026:20:24:10 +0200] "POST /wp-login.php HTTP/1.1" 200 2438 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:
...
show less
Hacking
Bad Web Bot
Web App Attack
๐ซ๐ฎ
Rexikon
2026-06-22 07:24:26
(2 weeks ago)
2402:1f00:8005:4000:: - - [22/Jun/2026:09:23:40 +0200] "POST /wp-login.php HTTP/1.1" 200 16376 "-" " ...
show more
2402:1f00:8005:4000:: - - [22/Jun/2026:09:23:40 +0200] "POST /wp-login.php HTTP/1.1" 200 16376 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0"
2402:1f00:8005:4000:: - - [22/Jun/2026:09:23:50 +0200] "POST /wp-login.php HTTP/1.1" 200 16380 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:99.0) Gecko/20100101 Firefox/99.0"
2402:1f00:8005:4000:: - - [22/Jun/2026:09:24:14 +0200] "POST /wp-login.php HTTP/1.1" 200 16380 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0"
2402:1f00:8005:4000:: - - [22/Jun/2026:09:24:17 +0200] "POST /wp-login.php HTTP/1.1" 200 16380 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:63.0) Gecko/20100101 Firefox/63.0"
2402:1f00:8005:4000:: - - [22/Jun/2026:09:24:25 +0200] "POST /wp-login.php HTTP/1.1" 200 16376 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-21 02:49:13
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 22:49:08.731786 2026] [security2:error] [pid 28727:tid 28727] [client 2402:1f00:8005:4000:::53846] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.graymatterofdc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.graymatterofdc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajdRJGHJO9bkla4OQq__dQAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-06-21 01:57:17
(2 weeks ago)
(wp_login_try) srv103 WP Login Attempt 2402:1f00:8005:4000:: (SG/Singapore/-): 10 in the last 3600 s ...
show more
(wp_login_try) srv103 WP Login Attempt 2402:1f00:8005:4000:: (SG/Singapore/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 22:47:19
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 18:47:14.431776 2026] [security2:error] [pid 22503:tid 22503] [client 2402:1f00:8005:4000:::38514] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.truthsabouthealthcare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.truthsabouthealthcare.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajcYcgf--BysVvyKwCX3ggAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 08:53:02
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 04:52:53.807147 2026] [security2:error] [pid 9780:tid 9780] [client 2402:1f00:8005:4000:::41740] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.xhumanlikerobots.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.xhumanlikerobots.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajZU5QmYxtfw4uZGU5RVzAAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 05:44:35
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 01:44:26.199935 2026] [security2:error] [pid 3605:tid 3605] [client 2402:1f00:8005:4000:::60840] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.badconsultingllc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.badconsultingllc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajTXOtXTLewoJcVaX2sXkQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 21:14:34
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 17:14:30.170087 2026] [security2:error] [pid 483:tid 483] [client 2402:1f00:8005:4000:::40830] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.silalaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.silalaw.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajG8tqucFIszapsh3skSfAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 18:08:36
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 14:08:26.377878 2026] [security2:error] [pid 18797:tid 18797] [client 2402:1f00:8005:4000:::57164] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.smilingorc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.smilingorc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajGRGpDJDWgh8o4RFPLi-AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 05:51:34
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 01:51:27.523877 2026] [security2:error] [pid 19896:tid 19896] [client 2402:1f00:8005:4000:::52012] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.lajoze.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.lajoze.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajDkX-qa1U9vE-wIaPADbgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-15 22:29:50
(3 weeks ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 09:05:04
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last ...
show more
(mod_security) mod_security (id:225170) triggered by 2402:1f00:8005:4000:: (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:04:54.537056 2026] [security2:error] [pid 22281:tid 22281] [client 2402:1f00:8005:4000:::35434] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||honigcpa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "honigcpa.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai_ANkFpAScOFSeKq4QFZgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-14 22:29:34
(3 weeks ago)
Brute-Force
Web App Attack