๐บ๐ธ
jormaster3k
2026-07-01 13:12:39
(14 minutes ago)
Attack against WordPress
Web App Attack
Anonymous
2026-07-01 13:00:15
(26 minutes ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-01 12:53:53
(33 minutes ago)
(mod_security) mod_security (id:225170) triggered by 167.233.102.194 (static.194.102.233.167.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 167.233.102.194 (static.194.102.233.167.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 08:53:46.995675 2026] [security2:error] [pid 6021:tid 6021] [client 167.233.102.194:46286] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hayresearch.am|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hayresearch.am"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akUN2o4BHBLG4JHNDhHbpQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
ingroscart.it
2026-07-01 12:36:50
(50 minutes ago)
(wordpress) Failed wordpress login from 167.233.102.194 (DE/Germany/Saxony/Falkenstein/static.194.10 ...
show more
(wordpress) Failed wordpress login from 167.233.102.194 (DE/Germany/Saxony/Falkenstein/static.194.102.233.167.clients.your-server.de/[redacted])
show less
Brute-Force
๐บ๐ธ
integrantservices.com
2026-07-01 12:29:39
(57 minutes ago)
(PERMBLOCK) 167.233.102.194 (DE/Germany/static.194.102.233.167.clients.your-server.de) has had more ...
show more
(PERMBLOCK) 167.233.102.194 (DE/Germany/static.194.102.233.167.clients.your-server.de) has had more than 4 temp blocks
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-01 12:28:41
(58 minutes ago)
(mod_security) mod_security (id:225170) triggered by 167.233.102.194 (static.194.102.233.167.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 167.233.102.194 (static.194.102.233.167.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 08:28:37.997593 2026] [security2:error] [pid 13230:tid 13230] [client 167.233.102.194:45358] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||puckerbackbikini.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "puckerbackbikini.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akUH9Yr7nPmRC2Nqwrn6oAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-01 12:10:34
(1 hour ago)
Web password guessing
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 10:08:40
(3 hours ago)
(mod_security) mod_security (id:225170) triggered by 167.233.102.194 (static.194.102.233.167.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 167.233.102.194 (static.194.102.233.167.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:08:36.655145 2026] [security2:error] [pid 9878:tid 9878] [client 167.233.102.194:54962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rocksolidhomebuilders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rocksolidhomebuilders.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTnJOCEe4C2_jc0IqaE-QAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-07-01 10:06:21
(3 hours ago)
๐ Probes for wp-login.php and other inexistent URLs
Hacking
Web App Attack
๐ซ๐ท
solution.it
2026-07-01 08:08:28
(5 hours ago)
[Wed Jul 01 10:08:28.065724 2026] [php7:error] [pid 67434:tid 67434] [client 167.233.102.194:45792] ...
show more
[Wed Jul 01 10:08:28.065724 2026] [php7:error] [pid 67434:tid 67434] [client 167.233.102.194:45792] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat
show less
Web App Attack
๐บ๐ธ
mnsf
2026-07-01 08:06:25
(5 hours ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-01 07:54:06
(5 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:39:54
(5 hours ago)
(mod_security) mod_security (id:225170) triggered by 167.233.102.194 (static.194.102.233.167.clients ...
show more
(mod_security) mod_security (id:225170) triggered by 167.233.102.194 (static.194.102.233.167.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:39:48.024125 2026] [security2:error] [pid 10843:tid 10843] [client 167.233.102.194:44100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ismaelcavazos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ismaelcavazos.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akTERIz-xBC7az2_R5lA-gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
ELYAZ
2026-07-01 07:20:11
(6 hours ago)
(y4) Failed scan -byebye- from 167.233.102.194 (DE/Germany/static.194.102.233.167.clients.your-serve ...
show more
(y4) Failed scan -byebye- from 167.233.102.194 (DE/Germany/static.194.102.233.167.clients.your-server.de): (CF_ENABLE)
show less
Hacking
๐ฌ๐ง
poundawebsiteltd
2026-07-01 07:03:58
(6 hours ago)
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 167.233.102.194 - - [01/Jul/2026:08:03:54 +0100] ...
show more
WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 167.233.102.194 - - [01/Jul/2026:08:03:54 +0100] POST /wp-login.php HTTP/2.0 200 4139 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
show less
Web App Attack