๐ฉ๐ช
london2038.com
2026-07-12 13:54:13
(1 day ago)
Attacking WordPress
36.50.82.208 - - [12/Jul/2026:15:54:11 +0200] "POST /wp-login.php HTTP/2.0" 503 ...
show more
Attacking WordPress
36.50.82.208 - - [12/Jul/2026:15:54:11 +0200] "POST /wp-login.php HTTP/2.0" 503 19291 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/146.0.6917.0 Mobile/15E148 Safari/604.1"
show less
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-12 06:39:46
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-11 22:00:47
(1 day ago)
wp-login attack [11/Jul/2026:20:09:56
Brute-Force
Web App Attack
๐บ๐ธ
cwytech
2026-07-11 06:15:35
(2 days ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
๐ฒ๐น
Malta
2026-07-11 02:16:55
(2 days ago)
36.50.82.208 - - [11/Jul/2026:04:16:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT ...
show more
36.50.82.208 - - [11/Jul/2026:04:16:55 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-11 02:12:09
(2 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-10 22:01:22
(2 days ago)
wp-login attack [10/Jul/2026:21:11:15
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 20:51:34
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 16:51:29.675688 2026] [security2:error] [pid 17015:tid 17015] [client 36.50.82.208:41898] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||agrollum.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "agrollum.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alFbUchZOAOKrN4yetztAwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-09 18:46:31
(3 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 15:54:59
(3 days ago)
(mod_security) mod_security (id:210350) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in ...
show more
(mod_security) mod_security (id:210350) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:54:53.408851 2026] [security2:error] [pid 3116:tid 3116] [client 36.50.82.208:43216] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||pinetreedistrict.org|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "pinetreedistrict.org"] [uri "/"] [unique_id "ak_ETTZEuM4u48W-RDTY6AAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 11:54:33
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in ...
show more
(mod_security) mod_security (id:210350) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 07:54:30.665577 2026] [security2:error] [pid 17121:tid 17134] [client 36.50.82.208:59540] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||fastesttrademark.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "fastesttrademark.com"] [uri "/wp-json/wp/v2/users/10"] [unique_id "ak-L9hWBq1muZi7V3IAs6AAAAUQ"], referer: https://fastesttrademark.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 10:53:05
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in ...
show more
(mod_security) mod_security (id:210350) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 06:52:59.304022 2026] [security2:error] [pid 12240:tid 12240] [client 36.50.82.208:35032] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||furbabieslivesmatter.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "furbabieslivesmatter.com"] [uri "/wp-json/wp/v2/users/10"] [unique_id "ak99izJN7a8lapz7uOpSXAAAAAE"], referer: https://furbabieslivesmatter.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐น
Malta
2026-07-08 22:07:40
(4 days ago)
36.50.82.208 - - [09/Jul/2026:00:07:39 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ...
show more
36.50.82.208 - - [09/Jul/2026:00:07:39 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/150.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 10:40:46
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 36.50.82.208 (server.apwebsolution.store): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:40:38.479281 2026] [security2:error] [pid 13822:tid 13822] [client 36.50.82.208:38100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||qatest.soudertonbigred.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "qatest.soudertonbigred.org"] [uri "/wp-json/wp/v2/users"] [unique_id "akJLplGKQgGTEoCuiVx5nQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
tecnicorioja
2026-06-25 22:01:43
(2 weeks ago)
wp-login attack [25/Jun/2026:19:19:17
Brute-Force
Web App Attack