๐บ๐ธ
TPI-Abuse
2026-07-02 15:40:16
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 158.173.77.129 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 158.173.77.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:40:11.387096 2026] [security2:error] [pid 30285:tid 30285] [client 158.173.77.129:34421] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.azcrittergetter.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.azcrittergetter.com"] [uri "/csfitz.com"] [unique_id "akaGW2fbtAC0Gb_kw3Qv3QAAAAs"], referer: http://csfitz.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-02 09:06:16
(1 day ago)
(wordpress) Failed wordpress login from 158.173.77.129 (IT/Italy/-)
Brute-Force
Anonymous
2026-07-02 06:54:51
(1 day ago)
(wordpress) Failed wordpress login from 158.173.77.129 (IT/Italy/-)
Brute-Force
๐บ๐ธ
TAY
2026-07-01 17:45:12
(2 days ago)
158.173.77.129 - - [02/Jul/2026:01:45:09 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6187 "-" "Mozilla/5. ...
show more
158.173.77.129 - - [02/Jul/2026:01:45:09 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6187 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_2_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
158.173.77.129 - - [02/Jul/2026:01:45:09 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6171 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/120.0.2210.91"
158.173.77.129 - - [02/Jul/2026:01:45:10 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6171 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 17_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1"
...
show less
Brute-Force
๐ฒ๐ฝ
ygb
2026-06-25 03:11:09
(1 week ago)
Blocked at layer 3 after 1 attempts
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 08:57:59
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 158.173.77.129 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 158.173.77.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 04:57:54.304107 2026] [security2:error] [pid 31387:tid 31387] [client 158.173.77.129:54841] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.plazahacienda.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.plazahacienda.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajucEpYdLBdCAp1-gqFhWAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
tmiland
2026-06-23 21:50:50
(1 week ago)
(wordpress_404) WordPress Plugins Honeypot Trap 158.173.77.129 (IT/Italy/-): 2 in the last 3600 secs ...
show more
(wordpress_404) WordPress Plugins Honeypot Trap 158.173.77.129 (IT/Italy/-): 2 in the last 3600 secs; IP: 158.173.77.129; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026/06/23 23:50:49 [error] 1820617#1820617: *109154 open() "/home/tmiland/public_html/wp-content/plugins/iwjob/assets/css/style.css" failed (2: No such file or directory), client: 158.173.77.129, server: *.*, request: "GET /wp-content/plugins/iwjob/assets/css/style.css HTTP/1.1", host: "www.*.*" 158.173.77.129 - - [23/Jun/2026:23:50:49 +0200] "GET /wp-content/plugins/iwjob/assets/css/style.css HTTP/1.1" 404 2992 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Mobile/15E148 Safari/604.1"
show less
Brute-Force
๐บ๐ธ
integrantservices.com
2026-06-22 20:49:06
(1 week ago)
(wordpress) Failed wordpress login from 158.173.77.129 (IT/Italy/-)
Brute-Force
Anonymous
2026-06-19 16:57:37
(2 weeks ago)
(wordpress) Failed wordpress login from 158.173.77.129 (IT/Italy/-)
Brute-Force
๐ฉ๐ช
barbarella
2026-06-19 16:56:54
(2 weeks ago)
Hacking attempt of Wordpress (scan for users/passwords) (POST /xmlrpc.php)
Hacking
Web App Attack
๐ซ๐ฎ
KnightIndustries
2026-06-19 11:33:17
(2 weeks ago)
2026-06-19T13:33:07.895967+02:00 milkyway wordpress(oldscarborough.com)[166160]: XML-RPC authenticat ...
show more
2026-06-19T13:33:07.895967+02:00 milkyway wordpress(oldscarborough.com)[166160]: XML-RPC authentication failure for joshua from 158.173.77.129
2026-06-19T13:33:08.339813+02:00 milkyway wordpress(oldscarborough.com)[166160]: XML-RPC authentication failure for joshua from 158.173.77.129
2026-06-19T13:33:15.890769+02:00 milkyway wordpress(learncryptography.pw)[177365]: XML-RPC authentication failure for macminty from 158.173.77.129
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
integrantservices.com
2026-06-09 20:57:56
(3 weeks ago)
(wordpress) Failed wordpress login from 158.173.77.129 (IT/Italy/-)
Brute-Force
๐บ๐ธ
xmission.com
2026-06-08 20:13:33
(3 weeks ago)
158.173.77.129 - - [08/Jun/2026:14:13:32 -0600] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/5.0 ...
show more
158.173.77.129 - - [08/Jun/2026:14:13:32 -0600] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
integrantservices.com
2026-06-08 19:56:15
(3 weeks ago)
(wordpress) Failed wordpress login from 158.173.77.129 (IT/Italy/-)
Brute-Force
๐บ๐ธ
mnsf
2026-06-05 15:06:08
(4 weeks ago)
Abuse Detected (25)
Brute-Force
Web App Attack