๐บ๐ธ
TPI-Abuse
2025-09-24 22:26:44
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 156.253.169.47 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 156.253.169.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 24 18:26:38.512608 2025] [security2:error] [pid 6058:tid 6058] [client 156.253.169.47:18521] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||marianozaro.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marianozaro.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aNRwHglmA1T5umlGQ8ZZSAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
warp
2025-09-22 19:42:08
(9 months ago)
Repeated brute-force login attempts on WordPress (wp-login.php / xmlrpc.php). Reported by Jenka/Bott ...
show more
Repeated brute-force login attempts on WordPress (wp-login.php / xmlrpc.php). Reported by Jenka/Bottega del Vespro.
show less
Brute-Force
Anonymous
2025-09-03 08:01:52
(10 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ง๐ช
voormedia
2025-08-12 00:53:46
(10 months ago)
Accessed trap at '/xmlrpc.php'
Web App Attack
๐บ๐ธ
octageeks.com
2025-04-17 04:22:31
(1 year ago)
Wordpress malicious attack:[octablocked]
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-14 00:36:30
(1 year ago)
(mod_security) mod_security (id:210831) triggered by 156.253.169.47 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 156.253.169.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 13 20:36:18.481476 2025] [security2:error] [pid 1608901:tid 1608901] [client 156.253.169.47:49333] [client 156.253.169.47] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||backstore.com|F|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/webalizer/usage_201802.html"] [unique_id "Z_xYgmEOewbmnaS5kDMTOAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
oncord
2025-04-07 04:22:57
(1 year ago)
Form spam
Web Spam
๐ฆ๐บ
oncord
2025-04-05 07:39:43
(1 year ago)
Form spam
Web Spam
๐ฆ๐บ
oncord
2025-04-03 22:34:41
(1 year ago)
Form spam
Web Spam
๐ฆ๐บ
oncord
2025-04-01 02:15:54
(1 year ago)
Form spam
Web Spam
๐ฆ๐บ
oncord
2025-03-29 23:33:25
(1 year ago)
Form spam
Web Spam
๐ฆ๐บ
oncord
2025-03-28 21:41:52
(1 year ago)
Form spam
Web Spam
๐ฆ๐บ
MAGIC
2025-03-26 11:09:39
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฆ๐บ
oncord
2025-03-24 12:35:07
(1 year ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2025-03-20 21:17:19
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 156.253.169.47 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 156.253.169.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 20 17:17:15.708045 2025] [security2:error] [pid 19153:tid 19153] [client 156.253.169.47:19275] [client 156.253.169.47] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||chrismcc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "chrismcc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z9yF23Zpz8Kx5RSCoUguRwAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack