๐บ๐ธ
TPI-Abuse
2026-07-19 07:33:33
(15 hours ago)
(mod_security) mod_security (id:225170) triggered by 157.22.75.191 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.75.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 19 03:33:28.978252 2026] [security2:error] [pid 30859:tid 30859] [client 157.22.75.191:38509] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||stormwlf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stormwlf.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alx9yO1vWS3U6pAChT9t0wAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
DRI
2026-07-18 00:45:45
(1 day ago)
Web attack/Malicious activity detected
Web App Attack
๐จ๐ฆ
DRI
2026-07-16 17:15:38
(3 days ago)
Web attack/Malicious activity detected
Web App Attack
๐ท๐ด
clauss
2026-07-14 05:51:18
(5 days ago)
IP reached maximum auth failures for a one day block
Brute-Force
๐จ๐ญ
backslash
2026-07-13 23:12:00
(6 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 04:47:03
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 157.22.75.191 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.75.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:46:56.192311 2026] [security2:error] [pid 14957:tid 14957] [client 157.22.75.191:43717] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cosmicdebris.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cosmicdebris.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ak8nwAyTHM7kgxe4vhd_LwAAAAs"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Tilellit.PRO
2026-07-02 04:04:12
(2 weeks ago)
tilellit/wp-armour-ban
Hacking
๐ซ๐ท
Tilellit.PRO
2026-06-29 09:41:08
(2 weeks ago)
Fail2Ban banned 157.22.75.191 for security violations in jail wp-armour. Log: 2026/06/29 09:41:08 [e ...
show more
Fail2Ban banned 157.22.75.191 for security violations in jail wp-armour. Log: 2026/06/29 09:41:08 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 157.22.75.191 | Target: wplogin" , client: 157.22.75.191, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐ซ๐ท
Tilellit.PRO
2026-06-28 08:15:45
(3 weeks ago)
Fail2Ban banned 157.22.75.191 for security violations in jail wp-armour. Log: 2026/06/28 08:15:45 [e ...
show more
Fail2Ban banned 157.22.75.191 for security violations in jail wp-armour. Log: 2026/06/28 08:15:45 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 157.22.75.191 | Target: wplogin" , client: 157.22.75.191, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐ซ๐ท
Tilellit.PRO
2026-06-27 09:07:31
(3 weeks ago)
Fail2Ban banned 157.22.75.191 for security violations in jail wp-armour. Log: 2026/06/27 09:07:31 [e ...
show more
Fail2Ban banned 157.22.75.191 for security violations in jail wp-armour. Log: 2026/06/27 09:07:31 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 157.22.75.191 | Target: wplogin" , client: 157.22.75.191, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐บ๐ธ
TPI-Abuse
2026-05-21 17:23:25
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 157.22.75.191 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 157.22.75.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 13:23:22.023850 2026] [security2:error] [pid 6010:tid 6033] [client 157.22.75.191:56463] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jsbarber.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jsbarber.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag8_imzxkvl5TMVql9c55AAAARA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-05-10 12:02:23
(2 months ago)
Try to access /xmlrpc.php
Web App Attack
๐จ๐ญ
4server
2026-05-10 04:34:34
(2 months ago)
[SunMay1006:34:27.6956022026][security2:error][pid1633949:tid1633968][client157.22.75.191:0]ModSecur ...
show more
[SunMay1006:34:27.6956022026][security2:error][pid1633949:tid1633968][client157.22.75.191:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"xmlrpc\\\\\\\\.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_rules/03_asl_dos.conf\"][line\"65\"][id\"392331\"][rev\"3\"][msg\"Atomicorp.comWAFRules:xmlrpcDOSattack\"][severity\"CRITICAL\"][hostname\"motogiro.com\"][uri\"/xmlrpc.php\"][unique_id\"agAK01ghNRRBs1Y-am5xcAAAANE\"]
show less
Hacking
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-05-05 19:21:08
(2 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-05-04 13:25:06
(2 months ago)
[MonMay0415:25:02.9223962026][security2:error][pid257956:tid257974][client157.22.75.191:0]ModSecurit ...
show more
[MonMay0415:25:02.9223962026][security2:error][pid257956:tid257974][client157.22.75.191:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"xmlrpc\\\\\\\\.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_rules/03_asl_dos.conf\"][line\"65\"][id\"392331\"][rev\"3\"][msg\"Atomicorp.comWAFRules:xmlrpcDOSattack\"][severity\"CRITICAL\"][hostname\"feldenkraisticino.ch\"][uri\"/xmlrpc.php\"][unique_id\"afieLkx6enzPz64JZ68eGAAAAAc\"]
show less
Port Scan
Brute-Force
Web App Attack