๐ฒ๐ฝ
octageeks.com
2026-07-08 04:14:41
(1 day ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 15:13:32
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 80.85.224.90 (web2.zetosa.com.pl): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 80.85.224.90 (web2.zetosa.com.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 11:13:28.313734 2026] [security2:error] [pid 1314:tid 1314] [client 80.85.224.90:33484] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||digi-estudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "digi-estudio.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak0XmP9MVzI6siHnZo8Y4QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 14:13:06
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 80.85.224.90 (web2.zetosa.com.pl): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 80.85.224.90 (web2.zetosa.com.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 10:13:02.436105 2026] [security2:error] [pid 28161:tid 28161] [client 80.85.224.90:37506] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ashleycroft.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ashleycroft.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak0JbulEgByy_6rymPS0OAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-07 13:43:19
(2 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TAY
2026-07-07 13:20:27
(2 days ago)
80.85.224.90 - - [07/Jul/2026:21:10:38 +0800] "POST /wp-login.php HTTP/1.1" 200 2944 "https://mail.a ...
show more
80.85.224.90 - - [07/Jul/2026:21:10:38 +0800] "POST /wp-login.php HTTP/1.1" 200 2944 "https://mail.autism-cvc.org/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
80.85.224.90 - - [07/Jul/2026:21:11:08 +0800] "POST /wp-login.php HTTP/1.1" 200 2975 "https://autism-cvc.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
80.85.224.90 - - [07/Jul/2026:21:20:24 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6263 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-07 12:49:05
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 80.85.224.90 (web2.zetosa.com.pl): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 80.85.224.90 (web2.zetosa.com.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 08:49:01.200674 2026] [security2:error] [pid 11414:tid 11414] [client 80.85.224.90:45766] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aemcmullin.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aemcmullin.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akz1vdWDdtNn-D1D3CqmTAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ambor
2026-07-07 12:38:19
(2 days ago)
L0ss Honeypot: WordPress login access attempt. Path: /wp-login.php
Brute-Force
Web App Attack
Anonymous
2026-07-07 12:04:55
(2 days ago)
80.85.224.90 - - [07/Jul/2026:12:32:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426
80.85.224.90 - - [ ...
show more
80.85.224.90 - - [07/Jul/2026:12:32:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 426
80.85.224.90 - - [07/Jul/2026:14:04:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416
...
show less
Brute-Force
Bad Web Bot
๐ฉ๐ช
neckaralb-admin.de
2026-07-07 11:56:22
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฉ๐ช
Hazzard
2026-07-07 11:31:56
(2 days ago)
(wordpress) Failed wordpress login from 80.85.224.90 (PL/Poland/Lesser Poland/Tarnรณw/web2.zetosa.com ...
show more
(wordpress) Failed wordpress login from 80.85.224.90 (PL/Poland/Lesser Poland/Tarnรณw/web2.zetosa.com.pl/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐ซ๐ท
masterguru
2026-07-07 10:51:32
(2 days ago)
(modsec_5040) ModSec 5040: API Basic Auth blocked from 80.85.224.90 (PL/Poland/web2.zetosa.com.pl): ...
show more
(modsec_5040) ModSec 5040: API Basic Auth blocked from 80.85.224.90 (PL/Poland/web2.zetosa.com.pl): 1 in the last 3600 secs (0-196)
show less
Hacking
๐จ๐ฟ
ptlab
2026-07-07 10:45:10
(2 days ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐ฉ๐ช
london2038.com
2026-07-07 10:31:17
(2 days ago)
Attacking WordPress
80.85.224.90 - - [07/Jul/2026:12:31:14 +0200] "POST /wp-login.php HTTP/2.0" 503 ...
show more
Attacking WordPress
80.85.224.90 - - [07/Jul/2026:12:31:14 +0200] "POST /wp-login.php HTTP/2.0" 503 19289 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 10:30:25
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 80.85.224.90 (web2.zetosa.com.pl): 1 in the las ...
show more
(mod_security) mod_security (id:225170) triggered by 80.85.224.90 (web2.zetosa.com.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 06:30:21.562287 2026] [security2:error] [pid 7628:tid 7628] [client 80.85.224.90:47374] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||arsenalfordemocracy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arsenalfordemocracy.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akzVPTkBg4Fww6hsYmL2AwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐น
Malta
2026-07-07 10:21:38
(2 days ago)
80.85.224.90 - - [07/Jul/2026:12:21:38 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ...
show more
80.85.224.90 - - [07/Jul/2026:12:21:38 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force