๐บ๐ธ
bpolson
2026-07-11 05:48:02
(5 days ago)
WordPress Hacking/Scanning. (s1)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 03:07:43
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 23:07:39.006966 2026] [security2:error] [pid 9690:tid 9690] [client 93.126.6.131:45166] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||constructionloansfunding.internetnameregistration.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "constructionloansfunding.internetnameregistration.com"] [uri "/wp-json/wp/v2/users/4"] [unique_id "akh4-4DnRkfCh_GkTBBcTAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-29 04:24:02
(2 weeks ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 23:14:50
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 19:14:47.553786 2026] [security2:error] [pid 10746:tid 10746] [client 93.126.6.131:36996] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.benkatkin.passy.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.benkatkin.passy.us"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akBZZxRC-Wvb_8jLJmsBsgAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ท
setupgr
2026-06-27 19:55:31
(2 weeks ago)
(wplogin_block) Blocked WP-Login Access Attempt 93.126.6.131 (IR/Iran/-/-/-/[AS44375 Asmanfaraz Sepa ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 93.126.6.131 (IR/Iran/-/-/-/[AS44375 Asmanfaraz Sepahan Company (P.J.S)]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 93.126.6.131 - - [27/Jun/2026:22:55:26 +0300] "GET /wp-login.php HTTP/2.0" 200 5184 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
show less
Port Scan
๐จ๐ฟ
ptlab
2026-06-27 16:45:20
(2 weeks ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 03:17:40
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 23:17:32.874811 2026] [security2:error] [pid 22410:tid 22410] [client 93.126.6.131:34228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||partners.imagineyourphotos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "partners.imagineyourphotos.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajYGTLeywcKhFZNtG_N2dgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 01:34:37
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 21:34:28.668303 2026] [security2:error] [pid 8830:tid 8830] [client 93.126.6.131:56872] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||scswat.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "scswat.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ajXuJA0bIfeT4IzTldGUpgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 23:43:38
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 19:43:32.419913 2026] [security2:error] [pid 15889:tid 15964] [client 93.126.6.131:38844] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lpsouthdakota.com.omegaoak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lpsouthdakota.com.omegaoak.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajXUJC9D62sLQBBnBVzLcQAAAEk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ipoac.nl
2026-06-16 13:37:05
(1 month ago)
2026-06-16T15:37:04.843192+02:00 ipoac.nl wordpress(-)-: Authentication failure for-from 93.126.6.13 ...
show more
2026-06-16T15:37:04.843192+02:00 ipoac.nl wordpress(-)-: Authentication failure for-from 93.126.6.131
show less
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-06-16 13:29:16
(1 month ago)
WordPress bruteforce
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 12:17:10
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 08:17:05.936033 2026] [security2:error] [pid 19204:tid 19204] [client 93.126.6.131:45706] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||tell-me-first.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tell-me-first.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajE-wbq4VLIHpxsfm0rFxgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 06:36:05
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the ...
show more
(mod_security) mod_security (id:225170) triggered by 93.126.6.131 (electra.asemanhost.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 02:35:59.756140 2026] [security2:error] [pid 28211:tid 28211] [client 93.126.6.131:57506] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gvimmobilier.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gvimmobilier.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ajDuzwn9gx3CDaR-7YRNaAAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-06-16 04:06:35
(1 month ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ฒ๐น
Malta
2026-06-16 00:29:58
(1 month ago)
93.126.6.131 - - [16/Jun/2026:02:29:58 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT ...
show more
93.126.6.131 - - [16/Jun/2026:02:29:58 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force