π«π·
Tilellit.PRO
2026-07-05 04:17:52
(1 week ago)
WP Armour Plugin detection
Web Spam
Brute-Force
π«π·
Tilellit.PRO
2026-07-02 04:29:42
(1 week ago)
tilellit/wp-armour-ban
Hacking
π«π·
Tilellit.PRO
2026-06-29 12:19:56
(2 weeks ago)
Fail2Ban banned 170.168.29.58 for security violations in jail wp-armour. Log: 2026/06/29 12:19:56 [e ...
show more
Fail2Ban banned 170.168.29.58 for security violations in jail wp-armour. Log: 2026/06/29 12:19:56 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 170.168.29.58 | Target: wplogin" , client: 170.168.29.58, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
π«π·
Tilellit.PRO
2026-06-27 10:30:15
(2 weeks ago)
Fail2Ban banned 170.168.29.58 for security violations in jail wp-armour. Log: 2026/06/27 10:30:14 [e ...
show more
Fail2Ban banned 170.168.29.58 for security violations in jail wp-armour. Log: 2026/06/27 10:30:14 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 170.168.29.58 | Target: wplogin" , client: 170.168.29.58, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
π¨πΏ
ptlab
2026-06-26 16:46:07
(2 weeks ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
πΊπΈ
island-freaks.com
2026-06-26 09:32:43
(2 weeks ago)
Attack Type: WordPress Exploit Bot attempt on /photo/113997/ | DNS 170.168.29.58 | Agent: Mozilla/5. ...
show more
Attack Type: WordPress Exploit Bot attempt on /photo/113997/ | DNS 170.168.29.58 | Agent: Mozilla/5.0 (X11; Linux x86_64; rv:146.0) Gecko/20100101 Firefox/146.0
show less
Port Scan
Hacking
Bad Web Bot
Exploited Host
Web App Attack
π«π·
Campus France
2026-06-25 04:10:07
(2 weeks ago)
[Thu Jun 25 06:10:03.139300 2026] [php:error] [pid 1201492] [client 170.168.29.58:59837] script '/va ...
show more
[Thu Jun 25 06:10:03.139300 2026] [php:error] [pid 1201492] [client 170.168.29.58:59837] script '/var/www/html/brume.org/xmlrpc.php' not found or unable to stat
[Thu Jun 25 06:10:03.425172 2026] [php:error] [pid 1201499] [client 170.168.29.58:33485] script '/var/www/html/brume.org/wp-login.php' not found or unable to stat, referer: https://www.google.com
[Thu Jun 25 06:10:03.734613 2026] [php:error] [pid 1201007] [client 170.168.29.58:41897] script '/var/www/html/brume.org/wp-login.php' not found or unable to stat, referer: https://www.google.com
[Thu Jun 25 06:10:04.020101 2026] [php:error] [pid 1201495] [client 170.168.29.58:49025] script '/var/www/html/brume.org/wp-admin.php' not found or unable to stat, referer: https://www.google.com
[Thu Jun 25 06:10:07.482736 2026] [php:error] [pid 1201342] [client 170.168.29.58:21489] script '/var/www/html/brume.org/xmlrpc.php' not found or unable to stat
...
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-23 09:02:18
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 170.168.29.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.29.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 05:02:12.451731 2026] [security2:error] [pid 17153:tid 17215] [client 170.168.29.58:45681] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||schecter.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "schecter.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajpLlLibdoOXe3uqjkKIGwAAAQg"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-21 04:50:11
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 170.168.29.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.29.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 00:50:06.578961 2026] [security2:error] [pid 31598:tid 31598] [client 170.168.29.58:17451] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kelting.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kelting.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajdtfiJAP_o7WoM07h-I3gAAAAo"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-20 21:10:21
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 170.168.29.58 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 170.168.29.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:10:17.459600 2026] [security2:error] [pid 32243:tid 32243] [client 170.168.29.58:57975] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||Poltorak.Net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "poltorak.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajcBudciVU-5EzMHAhJkQgAAABE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack