๐บ๐ธ
etu brutus
2025-09-26 03:20:26
(9 months ago)
167.172.74.237 has been banned for [WebApp Attack]
...
Hacking
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2025-09-26 02:40:08
(9 months ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
Jason Howell
2025-09-26 02:22:58
(9 months ago)
167.172.74.237 - - [26/Sep/2025:02:22:39 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 404 534 "-" "Mozilla ...
show more
167.172.74.237 - - [26/Sep/2025:02:22:39 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
167.172.74.237 - - [26/Sep/2025:02:22:39 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
167.172.74.237 - - [26/Sep/2025:02:22:56 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
167.172.74.237 - - [26/Sep/2025:02:22:57 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 404 530 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
167.172.74.237 - - [26/Sep/2025:02:22:57 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 404 534 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML
...
show less
Web App Attack
๐จ๐ญ
backslash
2025-09-26 02:20:12
(9 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-09-26 01:59:15
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 25 21:59:10.651088 2025] [security2:error] [pid 5496:tid 5496] [client 167.172.74.237:60900] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.odinathletes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.odinathletes.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aNXzbj7fVKFQZCwsJht4wQAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-26 01:35:24
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 25 21:35:16.900777 2025] [security2:error] [pid 184133:tid 184137] [client 167.172.74.237:54301] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nepsco.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nepsco.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aNXt1NTaRE23GC7CzZrYHAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐ธ
Smel
2025-09-26 00:52:08
(9 months ago)
HTTP/80/443/8080 Unauthorized Probe, Hack -
Hacking
Web App Attack
๐ณ๐ฑ
artificialred.nl
2025-09-26 00:10:02
(9 months ago)
[XMLRPC probing] access_ssl_log:167.172.74.237 - - [26/Sep/2025:02:09:47 +0200] GET //wp-json/oembed ...
show more
[XMLRPC probing] access_ssl_log:167.172.74.237 - - [26/Sep/2025:02:09:47 +0200] GET //wp-json/oembed/1.0/embed?url=https://redacted-domain.com/ HTTP/1.0" 200 6317 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-26 00:00:46
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 25 20:00:42.414628 2025] [security2:error] [pid 25437:tid 25437] [client 167.172.74.237:61288] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.oakglenhouse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.oakglenhouse.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aNXXqtCbXFtHX6JNSMjcRgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-25 23:34:32
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 25 19:34:29.424660 2025] [security2:error] [pid 1753:tid 1753] [client 167.172.74.237:56947] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nypatriotcards.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nypatriotcards.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aNXRhaAenyvA3UHfkd4z3AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Dolphi
2025-09-25 23:30:03
(9 months ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-25 23:05:44
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 25 19:05:38.069500 2025] [security2:error] [pid 1112359:tid 1112359] [client 167.172.74.237:61404] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nwtree.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nwtree.com"] [uri "/wp/wp-json/wp/v2/users/"] [unique_id "aNXKwlazg4NiMvQfhn9PtAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-25 21:50:30
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 25 17:50:24.236461 2025] [security2:error] [pid 2984:tid 2984] [client 167.172.74.237:56385] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.numbulary.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.numbulary.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aNW5IJ8V9a7sxUFUGW5S7gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-25 21:34:44
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 167.172.74.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 25 17:34:36.527166 2025] [security2:error] [pid 1001657:tid 1001657] [client 167.172.74.237:59513] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nuewines.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nuewines.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aNW1bOZrZQhoXXL84yskUwAAADo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2025-09-25 20:27:41
(9 months ago)
779 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot