๐ฉ๐ช
FeG Deutschland
2026-07-08 01:52:02
(11 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 02:50:54
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 22:50:48.755041 2026] [security2:error] [pid 7204:tid 7204] [client 209.42.28.13:60178] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||zeetec.nl|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zeetec.nl"] [uri "/wp-json/wp/v2/users"] [unique_id "akh1CCWGMw3u-jXViXMsrgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 14:03:30
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 10:03:23.238978 2026] [security2:error] [pid 6091:tid 6091] [client 209.42.28.13:32790] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fundingworkingcapital.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fundingworkingcapital.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akfBK_g62wOtY_M1ru7xSQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 06:42:19
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:42:14.092143 2026] [security2:error] [pid 12801:tid 12814] [client 209.42.28.13:55264] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||minutosrobados.com.emehache.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "minutosrobados.com.emehache.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akdZxnUSixSECVeWqUAoPwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
xxkodedxx
2026-07-02 22:58:32
(5 days ago)
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1ร honeypot-get in 10m window.
...
show more
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1ร honeypot-get in 10m window.
Active: 22:57:30 UTC
Volume: 1 honeypot probe(s)
Bait taken: /wp-json/wp/v2/users/me
UA: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15"
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-02 18:31:06
(5 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-06-30 18:39:02
(1 week ago)
Bot / scanning and/or hacking attempts: GET /not_found HTTP/2.0, GET /wp-login.php HTTP/2.0
Hacking
Web App Attack
Anonymous
2026-06-30 17:16:06
(1 week ago)
WordPress Brute Force
Brute-Force
๐ฉ๐ช
ger-stg-sifi1
2026-06-30 15:29:01
(1 week ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 11:37:26
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:37:22.673473 2026] [security2:error] [pid 5439:tid 5439] [client 209.42.28.13:52040] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nutz-r-us.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nutz-r-us.com"] [uri "/wp-json/wp/v2/users/2"] [unique_id "akJY8kgNlsAUyH3AfNaIogAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 10:32:42
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:32:34.231306 2026] [security2:error] [pid 1677:tid 1677] [client 209.42.28.13:36658] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||expresstires.us.jbcllcnet.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "expresstires.us.jbcllcnet.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akJJwp3D7E--3WoJuaWgZAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 09:51:30
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:51:26.976846 2026] [security2:error] [pid 5175:tid 5179] [client 209.42.28.13:34998] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||killasgarage.bike|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "killasgarage.bike"] [uri "/wp-json/wp/v2/users/6"] [unique_id "akJAHmXcSj9XweWrgbUlrAAAAIA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 03:59:07
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 23:59:00.369104 2026] [security2:error] [pid 23824:tid 23824] [client 209.42.28.13:41672] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||marv.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marv.us"] [uri "/wp-json/wp/v2/users/5"] [unique_id "akHthBsojHgrbGO9RHULYgAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-29 01:05:30
(1 week ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 23:47:21
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 209.42.28.13 (s13842.bom1.stableserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 19:47:15.121762 2026] [security2:error] [pid 22298:tid 22298] [client 209.42.28.13:39142] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lajoze.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lajoze.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akGyg-r2RfZVIHklGxM_igAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack