๐ฉ๐ช
LRob
2026-07-16 19:36:34
(15 hours ago)
CrowdSec: lrob/wp-xmlrpc-bf | req: /xmlrpc.php | UA: curl/8.6.0
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-17 22:52:47
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 17 18:52:42.331453 2026] [security2:error] [pid 19095:tid 19095] [client 157.22.75.164:12095] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||belgiophar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "belgiophar.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agpGuiO-r4dFORSArOIPogAAAAA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-05-15 23:36:34
(2 months ago)
IM360 WAF: SQL Injection Attack: Common DB Names Detected
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-05-09 07:47:31
(2 months ago)
(mod_security) mod_security (id:218580) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:218580) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 03:47:26.596351 2026] [security2:error] [pid 17336:tid 17336] [client 157.22.75.164:57223] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\*[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:d. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "76"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.||caferutadelaseda.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "caferutadelaseda.com"] [uri "/detalle.php"] [unique_id "af7mjsbVG3Oz2s1M_Fz4LAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-05-08 08:28:05
(2 months ago)
IM360 WAF: SQL Injection via WordPress Link functionality MV:20')AND/**/4402=(SELECT/**/UPPER(XMLTyp ...
show more
IM360 WAF: SQL Injection via WordPress Link functionality MV:20')AND/**/4402=(SELECT/**/UPPER(XMLType(CHR(60)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-03-28 15:59:43
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 28 11:59:38.648394 2026] [security2:error] [pid 11502:tid 11502] [client 157.22.75.164:46379] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thingstodonude.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thingstodonude.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acf66pyr7UObqkExZfxkYgAAAA0"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-03-26 20:15:26
(3 months ago)
Detected attack and reported by a human
Brute-Force
Web App Attack
SSH
DDoS Attack
Exploited Host
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-03-24 10:01:21
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 06:01:16.696976 2026] [security2:error] [pid 21453:tid 21453] [client 157.22.75.164:10643] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||i-med.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "i-med.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acJg7ApShEuKcIJrBye5ZwAAAAk"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-23 23:02:52
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.75.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 19:02:45.440196 2026] [security2:error] [pid 11431:tid 11431] [client 157.22.75.164:25253] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||301i.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "301i.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acHGlcRYOJIL7NzvG8fBlQAAAAA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack