๐ซ๐ท
abuseipdb.amaze321
2026-07-15 21:41:30
(7 hours ago)
Automated reconnaissance: repeated requests for sensitive/non-existent paths.
Web App Attack
Bad Web Bot
๐ซ๐ท
abuseipdb.amaze321
2026-07-01 03:34:30
(2 weeks ago)
Automated reconnaissance: repeated requests for sensitive/non-existent paths.
Web App Attack
Bad Web Bot
๐ฉ๐ช
FeG Deutschland
2026-06-23 14:19:37
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 11:38:09
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati ...
show more
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati.aruba.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 07:38:02.032846 2026] [security2:error] [pid 10288:tid 10288] [client 89.46.109.106:32230] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||weird.eco|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "weird.eco"] [uri "/wp-json/wp/v2/users/8"] [unique_id "ajpwGdAPXj6fnOO3mJRIbgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 09:48:12
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati ...
show more
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati.aruba.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 05:48:05.140732 2026] [security2:error] [pid 5623:tid 5623] [client 89.46.109.106:27578] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fractalsky.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fractalsky.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajpWVTit3Z-7nIi9yxBjFAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Holger
2026-06-22 22:05:03
(3 weeks ago)
URL probing: GET /blog/xmlrpc.php
Web App Attack
๐ฆ๐น
mindrider
2026-06-22 04:21:53
(3 weeks ago)
89.46.109.106 - - [22/Jun/2026:06:21:52 +0200] "GET /xmlrpc.php HTTP/1.1" 404 2968 "-" "Mozilla/5.0 ...
show more
89.46.109.106 - - [22/Jun/2026:06:21:52 +0200] "GET /xmlrpc.php HTTP/1.1" 404 2968 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" "-"
89.46.109.106 - - [22/Jun/2026:06:21:52 +0200] "GET /wp-login.php HTTP/1.1" 404 2968 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36" "-"
...
show less
Brute-Force
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-22 04:06:34
(3 weeks ago)
Wordpress malicious attack:[octawp]
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-21 10:04:33
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
๐ฉ๐ช
Hazzard
2026-06-20 10:31:14
(3 weeks ago)
(wordpress) Failed wordpress login from 89.46.109.106 (IT/Italy/Province of Arezzo/Arezzo/host106-10 ...
show more
(wordpress) Failed wordpress login from 89.46.109.106 (IT/Italy/Province of Arezzo/Arezzo/host106-109-46-89.serverdedicati.aruba.it/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
mnsf
2026-06-20 02:05:50
(3 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 17:55:03
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati ...
show more
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati.aruba.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 13:54:58.866127 2026] [security2:error] [pid 25799:tid 25799] [client 89.46.109.106:28566] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||earthtwoworkshop.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "earthtwoworkshop.com"] [uri "/wp-json/wp/v2/users/5"] [unique_id "ajWCctEbsqWD0OfA_KB84gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-06-19 17:29:44
(3 weeks ago)
levellapromotions.co.nz:443 89.46.109.106 - - [20/Jun/2026:03:29:41 +1000] "GET /?author=3&feed=rss2 ...
show more
levellapromotions.co.nz:443 89.46.109.106 - - [20/Jun/2026:03:29:41 +1000] "GET /?author=3&feed=rss2 HTTP/1.1" 404 343683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36, Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 17:12:11
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati ...
show more
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati.aruba.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 13:12:04.926185 2026] [security2:error] [pid 16628:tid 16628] [client 89.46.109.106:21592] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||silalaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "silalaw.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajV4ZIEGkgUyZ_VLhcceegAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 16:08:53
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati ...
show more
(mod_security) mod_security (id:225170) triggered by 89.46.109.106 (host106-109-46-89.serverdedicati.aruba.it): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:08:46.785546 2026] [security2:error] [pid 30314:tid 30314] [client 89.46.109.106:30198] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||buanamegah.kairoslogammakmur.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "buanamegah.kairoslogammakmur.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajVpjh95OJRqPWQOQmoEowAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack