π©πͺ
FeG Deutschland
2026-07-15 10:35:37
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 28
Exploited Host
Web App Attack
π«π·
Tilellit.PRO
2026-07-13 06:48:09
(3 days ago)
WooCommerce YITH AJAX Filder product_cat filter flood attempt with taxonomies
DDoS Attack
Bad Web Bot
π¬π§
Oakley
2026-07-01 12:53:23
(2 weeks ago)
(confirmed_bot_sig) Confirmed bot
Hacking
πΊπΈ
TPI-Abuse
2025-11-28 03:51:52
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 22:51:48.463529 2025] [security2:error] [pid 18209:tid 18209] [client 79.117.224.145:42488] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ageh.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ageh.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSkcVAirNn6tEx3OYjca1QAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-28 02:21:39
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 21:21:35.427467 2025] [security2:error] [pid 29758:tid 29783] [client 79.117.224.145:37676] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ceol.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ceol.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSkHL5Nihena9yYpZxEqAgAAAVY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
nationaleventpros.com
2025-11-28 00:15:56
(7 months ago)
WordPress login attempt
Brute-Force
πΊπΈ
TPI-Abuse
2025-11-27 21:55:49
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:55:43.450314 2025] [security2:error] [pid 6199:tid 6199] [client 79.117.224.145:38416] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gonzalez.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSjI36VegZK0Jn6Zr0kKIAAAACk"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
F242
2025-11-27 21:23:33
(7 months ago)
Wordpress Login or XMLRPC abuse
Web App Attack
πͺπΈ
el-brujo
2025-11-27 21:01:54
(7 months ago)
[Thu Nov 27 22:01:53.075343 2025] [proxy_fcgi:error] [pid 2189795:tid 2190029] [remote 79.117.224.14 ...
show more
[Thu Nov 27 22:01:53.075343 2025] [proxy_fcgi:error] [pid 2189795:tid 2190029] [remote 79.117.224.145:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com
[Thu Nov 27 22:01:54.635375 2025] [proxy_fcgi:error] [pid 2189794:tid 2190387] [remote 79.117.224.145:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com
...
show less
Hacking
Web App Attack
πͺπΈ
el-brujo
2025-11-27 21:01:50
(7 months ago)
Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: elhacker.net userAgent: Apache-HttpC ...
show more
Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: elhacker.net userAgent: Apache-HttpClient/4.5.13 (Java/11.0.28) Action: managed_challenge Source: firewallManaged ASN Description: DIGISPAINTELECOM Country: ES Method: POST Timestamp: 2025-11-27T21:01:50Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
show less
Hacking
SQL Injection
Web App Attack
π·πΊ
ago.su
2025-11-27 19:48:42
(7 months ago)
F2B blocked nginx bad bot [otd]
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-26 11:44:53
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 06:44:48.188830 2025] [security2:error] [pid 21557:tid 21557] [client 79.117.224.145:44084] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||interior-cosmetics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "interior-cosmetics.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSboMMDpnUS1DlQ8EaiylQAAAAs"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
backslash
2025-11-26 07:40:16
(7 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
πΊπΈ
TPI-Abuse
2025-11-26 05:20:59
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 00:20:52.606545 2025] [security2:error] [pid 22131:tid 22131] [client 79.117.224.145:41506] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||damonmarks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "damonmarks.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSaONHi4d5yzZ9jrKXx-zAAAAB0"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-26 03:45:28
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 79.117.224.145 (79-117-224-145.digimobil.es): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 22:45:20.592301 2025] [security2:error] [pid 26520:tid 26520] [client 79.117.224.145:48338] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hotjive.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hotjive.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aSZ30GzD6vK3H-kK-t55-wAAAAE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack