๐ฉ๐ช
FeG Deutschland
2026-07-08 14:27:34
(1 hour ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-08 04:16:56
(11 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-07-08 04:08:59
(11 hours ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-08 03:45:12
(12 hours ago)
support.paulshipley.com.au:443 3.134.187.154 - - [08/Jul/2026:13:45:10 +1000] "GET /wp/wp-login.php ...
show more
support.paulshipley.com.au:443 3.134.187.154 - - [08/Jul/2026:13:45:10 +1000] "GET /wp/wp-login.php HTTP/1.1" 404 26806 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
...
show less
Web App Attack
Anonymous
2026-07-08 03:21:37
(12 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
4server
2026-07-08 02:53:39
(13 hours ago)
[WedJul0804:53:34.5552342026][security2:error][pid2149731:tid2149753][client3.134.187.154:0]ModSecur ...
show more
[WedJul0804:53:34.5552342026][security2:error][pid2149731:tid2149753][client3.134.187.154:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mgevents.ch\"][uri\"/wp-login.php\"][unique_id\"ak27roIz0Wo0bm95kSbOJgAAAAo\"]\,referer:https://mgevents.ch/wp-login.php
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 02:47:19
(13 hours ago)
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.comp ...
show more
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 22:47:13.478365 2026] [security2:error] [pid 25452:tid 25468] [client 3.134.187.154:35296] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jpdesign.us.jean-paullederer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jpdesign.us.jean-paullederer.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak26MX7xJDJUnVyVzJJbCwAAAI4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-07 22:54:58
(17 hours ago)
Web vulnerability probing: /wp-login.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 20:13:04
(19 hours ago)
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.comp ...
show more
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 16:12:57.029331 2026] [security2:error] [pid 27334:tid 27334] [client 3.134.187.154:47208] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sooperare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sooperare.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak1dyZPzk7VIjR4zkWkiHwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-07 19:34:59
(20 hours ago)
Brute-Force, Web App Attack, suspicious: WP login POST blocked by WAF
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 19:33:13
(20 hours ago)
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.comp ...
show more
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 15:33:09.008701 2026] [security2:error] [pid 18967:tid 18967] [client 3.134.187.154:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||southernbroadcast.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "southernbroadcast.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak1UdaQ46D5tn3l7QcnQ6AAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 18:59:29
(21 hours ago)
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.comp ...
show more
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 14:59:22.861183 2026] [security2:error] [pid 10953:tid 10953] [client 3.134.187.154:46242] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||garantagroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "garantagroup.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak1MilcOrD8FrBY6KthodwAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 17:10:00
(22 hours ago)
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.comp ...
show more
(mod_security) mod_security (id:225170) triggered by 3.134.187.154 (ec2-3-134-187-154.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:09:51.617933 2026] [security2:error] [pid 11183:tid 11183] [client 3.134.187.154:47802] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||vespaitaliancafe.matteozacchino.dev|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vespaitaliancafe.matteozacchino.dev"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak0y32e05-xDMO9WKKhNRgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-07 17:07:45
(22 hours ago)
(PERMBLOCK) 3.134.187.154 (US/United States/ec2-3-134-187-154.us-east-2.compute.amazonaws.com) has h ...
show more
(PERMBLOCK) 3.134.187.154 (US/United States/ec2-3-134-187-154.us-east-2.compute.amazonaws.com) has had more than 4 temp blocks
show less
Hacking
Anonymous
2026-07-07 17:05:02
(23 hours ago)
Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/2.0, [2/2] done
Hacking
Web App Attack