π©πͺ
FeG Deutschland
2026-07-03 22:14:23
(4 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 08:13:49
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:13:46.045181 2026] [security2:error] [pid 1560:tid 1560] [client 74.208.58.20:51780] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||microkerneltechnologies.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "microkerneltechnologies.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akdvOoCvOsbfC2Jfu6i5IQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 07:09:50
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:09:42.903773 2026] [security2:error] [pid 31047:tid 31047] [client 74.208.58.20:39102] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||vanmeer.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vanmeer.info"] [uri "/wp-json/wp/v2/users/10"] [unique_id "akdgNqyIFI2WsO8qWddOlAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 06:09:22
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:09:16.363572 2026] [security2:error] [pid 6441:tid 6441] [client 74.208.58.20:38784] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gegkal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gegkal.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akdSDL83I90GQ76P3odZ3gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²π½
octageeks.com
2026-07-03 04:24:53
(4 days ago)
Wordpress malicious attack:[octaflood]
Web App Attack
π¨πΏ
ptlab
2026-07-02 04:45:30
(5 days ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
πΊπΈ
lostswordfish.com
2026-07-01 10:56:04
(6 days ago)
Wordfence waf block on fypeducation
Web App Attack
π©πͺ
FeG Deutschland
2026-06-29 05:24:43
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 11:44:31
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:44:25.761367 2026] [security2:error] [pid 12120:tid 12120] [client 74.208.58.20:49460] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jerryfeil.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jerryfeil.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akEJGYeIzEOftS-XPLIqPwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 04:48:57
(1 week ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
π©πͺ
Hazzard
2026-06-27 01:38:38
(1 week ago)
(wordpress) Failed wordpress login from 74.208.58.20 (US/United States/-/-/infongp-us38.perfora.net/ ...
show more
(wordpress) Failed wordpress login from 74.208.58.20 (US/United States/-/-/infongp-us38.perfora.net/[redacted]): (CF_ENABLE)
show less
Brute-Force
π΅π±
sefinek.net
2026-06-22 05:23:12
(2 weeks ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/2 (GET ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/2 (GET) | Endpoint: /wp-admin | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 β’ Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
π¨π
backslash
2026-06-22 04:42:01
(2 weeks ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-21 01:23:27
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 21:23:21.525399 2026] [security2:error] [pid 18484:tid 18484] [client 74.208.58.20:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ipv6.rodrigoaldecoa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ipv6.rodrigoaldecoa.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajc9CRZ17N8ijDl7rXEMpwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-19 17:47:52
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in t ...
show more
(mod_security) mod_security (id:225170) triggered by 74.208.58.20 (infongp-us38.perfora.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 13:47:44.860625 2026] [security2:error] [pid 3330:tid 3354] [client 74.208.58.20:50140] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||artmarialeon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "artmarialeon.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajWAwK6WGLPyI_-ptuWwcQAAAVY"]
show less
Brute-Force
Bad Web Bot
Web App Attack