π²πΉ
Malta
2026-07-10 20:53:14
(3 hours ago)
82.165.90.100 - - [10/Jul/2026:22:53:14 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ...
show more
82.165.90.100 - - [10/Jul/2026:22:53:14 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-09 13:14:41
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.e ...
show more
(mod_security) mod_security (id:210350) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 09:14:36.410253 2026] [security2:error] [pid 12529:tid 12529] [client 82.165.90.100:37866] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||roguetechink.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "roguetechink.com"] [uri "/wp-json/webmention/1.0"] [unique_id "ak-evIH3IpzIRAXgx6Zi1QAAAAY"], referer: https://roguetechink.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 12:42:44
(1 day ago)
(mod_security) mod_security (id:210350) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.e ...
show more
(mod_security) mod_security (id:210350) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 08:42:38.959340 2026] [security2:error] [pid 9943:tid 9943] [client 82.165.90.100:59428] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.tasteshop.l3l4.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.tasteshop.l3l4.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ak-XPjeXwojJHx8fL2pX-wAAABQ"], referer: https://www.tasteshop.l3l4.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 20:35:55
(2 days ago)
WordPress Brute Force
Brute-Force
π©πͺ
FeG Deutschland
2026-07-08 10:27:08
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 00:27:21
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.e ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 20:27:14.849177 2026] [security2:error] [pid 13180:tid 13180] [client 82.165.90.100:49760] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||doreenkimura.com.misscharlottemusic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "doreenkimura.com.misscharlottemusic.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akxH4tv5BtD0Qbk9qEINUwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²πΉ
Malta
2026-07-06 18:00:01
(4 days ago)
82.165.90.100 - - [06/Jul/2026:20:00:00 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linu ...
show more
82.165.90.100 - - [06/Jul/2026:20:00:00 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
π²π½
octageeks.com
2026-07-06 04:14:05
(4 days ago)
Wordpress malicious attack:[octawp]
Web App Attack
π©πͺ
Hazzard
2026-07-02 18:33:09
(1 week ago)
(wordpress) Failed wordpress login from 82.165.90.100 (DE/Germany/-/-/infong-eu-cl0230.clienthosting ...
show more
(wordpress) Failed wordpress login from 82.165.90.100 (DE/Germany/-/-/infong-eu-cl0230.clienthosting.eu/[redacted]): (CF_ENABLE)
show less
Brute-Force
π¬π·
setupgr
2026-06-29 14:12:20
(1 week ago)
(wplogin_block) Blocked WP-Login Access Attempt 82.165.90.100 (DE/Germany/Baden-Wurttemberg/Karlsruh ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 82.165.90.100 (DE/Germany/Baden-Wurttemberg/Karlsruhe/-/[AS8560 IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE.]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 82.165.90.100 - - [29/Jun/2026:17:12:19 +0300] "GET /wp-login.php HTTP/2.0" 200 5046 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-06-28 23:33:49
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.e ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 19:33:43.308290 2026] [security2:error] [pid 19902:tid 19902] [client 82.165.90.100:54100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||zezel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zezel.com"] [uri "/wp-json/wp/v2/users/3"] [unique_id "akGvV62cLlbxUaGrP9CjMgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-28 20:26:33
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.e ...
show more
(mod_security) mod_security (id:225170) triggered by 82.165.90.100 (infong-eu-cl0230.clienthosting.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 16:26:29.954546 2026] [security2:error] [pid 21975:tid 21975] [client 82.165.90.100:54922] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.escapegeorgesrouquier.williamgilcher.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.escapegeorgesrouquier.williamgilcher.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "akGDdZxTS3RXB8i-6Dc85gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
FeG Deutschland
2026-06-28 12:08:30
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
π²πΉ
Malta
2026-06-26 23:40:26
(2 weeks ago)
82.165.90.100 - - [27/Jun/2026:01:40:26 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linu ...
show more
82.165.90.100 - - [27/Jun/2026:01:40:26 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
πΊπΈ
octageeks.com
2026-03-23 04:09:05
(3 months ago)
Wordpress malicious attack:[octawp]
Web App Attack