๐ซ๐ท
MatStef132
2026-07-13 13:04:58
(8 hours ago)
MatShield L7: blocked on mathost.eu (ua-quarantined)
Bad Web Bot
๐ฉ๐ช
FeG Deutschland
2026-07-13 12:25:59
(8 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ฉ๐ช
NewGastroline
2026-07-13 01:50:27
(19 hours ago)
Malicious request blocked by CrowdSec on gastro-prod1.boreus.de
Bad Web Bot
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-12 22:01:03
(23 hours ago)
wp-login attack [12/Jul/2026:12:59:17
Brute-Force
Web App Attack
๐บ๐ธ
wordpresshosting.solutions
2026-07-12 15:17:35
(1 day ago)
WordPress login/xmlrpc abuse or user enumeration detected. Evidence: 47.155.7.100 - - [12/Jul/2026:1 ...
show more
WordPress login/xmlrpc abuse or user enumeration detected. Evidence: 47.155.7.100 - - [12/Jul/2026:15:17:34 +0000] "GET /wp-login.php HTTP/1.1" 200 8198 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36"
show less
Brute-Force
Web App Attack
Anonymous
2026-07-12 05:20:55
(1 day ago)
<jail> banned by fail2ban
Brute-Force
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-07-12 04:08:36
(1 day ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-11 22:00:15
(1 day ago)
POST /xmlrpc.php [11/Jul/2026:04:21:59
Brute-Force
Web App Attack
๐ฉ๐ช
4server
2026-07-11 11:28:21
(2 days ago)
[SatJul1113:28:19.5848772026][security2:error][pid2538831:tid2538915][client47.155.7.100:0]ModSecuri ...
show more
[SatJul1113:28:19.5848772026][security2:error][pid2538831:tid2538915][client47.155.7.100:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"mgevents.ch\"][uri\"/wp-login.php\"][unique_id\"alIo0ym5BEzCjWokvZeCdQAAAJY\"]\,referer:https://mgevents.ch/wp-login.php
show less
Port Scan
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-11 09:39:47
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐บ๐ธ
dtorrer
2026-07-11 09:21:13
(2 days ago)
Brute-force general attack.
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-11 08:04:00
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 47.155.7.100 (47-155-7-100.fdr01.rdbh.ca.ip.fro ...
show more
(mod_security) mod_security (id:225170) triggered by 47.155.7.100 (47-155-7-100.fdr01.rdbh.ca.ip.frontiernet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 04:03:56.968160 2026] [security2:error] [pid 10432:tid 10432] [client 47.155.7.100:40174] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||superlamb.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "superlamb.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alH47HOU7sWDoXCxeL1OowAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 06:50:42
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 47.155.7.100 (47-155-7-100.fdr01.rdbh.ca.ip.fro ...
show more
(mod_security) mod_security (id:225170) triggered by 47.155.7.100 (47-155-7-100.fdr01.rdbh.ca.ip.frontiernet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 02:50:36.117114 2026] [security2:error] [pid 23288:tid 23288] [client 47.155.7.100:50076] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lajoze.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lajoze.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alHnvGjzsd79ZCXnutkd2QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xxkodedxx
2026-07-11 06:46:42
(2 days ago)
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1ร honeypot-get in 10m window.
...
show more
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1ร honeypot-get in 10m window.
Active: 06:45:49โ06:45:50 UTC
Volume: 2 honeypot probe(s)
Bait taken: /wp-login.php
UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 06:28:22
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 47.155.7.100 (47-155-7-100.fdr01.rdbh.ca.ip.fro ...
show more
(mod_security) mod_security (id:225170) triggered by 47.155.7.100 (47-155-7-100.fdr01.rdbh.ca.ip.frontiernet.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 02:28:16.312467 2026] [security2:error] [pid 19544:tid 19563] [client 47.155.7.100:50472] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tapas.soluciona.biz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tapas.soluciona.biz"] [uri "/wp-json/wp/v2/users/me"] [unique_id "alHigM6CcDmMgsiH2HVMHAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack