πΊπΈ
TPI-Abuse
2026-06-23 14:36:13
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 3 ...
show more
(mod_security) mod_security (id:225170) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 10:36:09.578982 2026] [security2:error] [pid 32458:tid 32458] [client 179.43.133.50:58670] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||takemehomedogrescue.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "takemehomedogrescue.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajqZ2YVopCEdw8w8iFecQAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 04:45:38
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 3 ...
show more
(mod_security) mod_security (id:225170) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 00:45:29.718080 2026] [security2:error] [pid 21363:tid 21363] [client 179.43.133.50:60754] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fitnessgearmagazine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fitnessgearmagazine.com"] [uri "/wp-json/wp/v2/users/2"] [unique_id "aji96TWxzDf9VDSGgPZADwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
Charlesiv
2026-06-18 08:19:58
(1 week ago)
Triggered Cloudflare WAF (firewallCustom) from T1.
Action taken: BLOCK
ASN: 51852 (Private Layer INC ...
show more
Triggered Cloudflare WAF (firewallCustom) from T1.
Action taken: BLOCK
ASN: 51852 (Private Layer INC)
Protocol: HTTP/1.1 (GET method)
Endpoint: /
Timestamp: 2026-06-18T07:44:04Z
Ray ID: a0d8aaa9dee47a9b
UA: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/30.0 Chrome/143.0.0.0 Mobile Safari/537.36
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-06-11 19:26:39
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 3 ...
show more
(mod_security) mod_security (id:225170) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 15:26:34.616488 2026] [security2:error] [pid 21629:tid 21629] [client 179.43.133.50:34946] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gellertdealers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gellertdealers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aisL6h3-VzRtGxxqKDNTvAAAADE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-06-11 19:06:19
(2 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
Anonymous
2026-06-07 04:31:12
(3 weeks ago)
2026-06-07T08:00:59.273357+03:30 digitalogic sshd-session[862537]: pam_unix(sshd:auth): authenticati ...
show more
2026-06-07T08:00:59.273357+03:30 digitalogic sshd-session[862537]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=179.43.133.50
2026-06-07T08:01:00.884303+03:30 digitalogic sshd-session[862537]: Failed password for invalid user admin from 179.43.133.50 port 35868 ssh2
2026-06-07T08:01:08.173381+03:30 digitalogic sshd-session[862537]: Connection closed by invalid user admin 179.43.133.50 port 35868 [preauth]
...
show less
Brute-Force
SSH
π¨πΏ
Countryman
2026-06-06 00:10:01
(3 weeks ago)
repeated unauthorized VPN login attempt, user sweep
VPN IP
Hacking
Brute-Force
π¨πΏ
Countryman
2026-06-04 22:03:48
(3 weeks ago)
repeated unauthorized VPN login attempt, user sweep
VPN IP
Hacking
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-01 09:39:36
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 05:39:32.446924 2026] [security2:error] [pid 21079:tid 21086] [client 179.43.133.50:43388] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||flipkimmel.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "flipkimmel.com"] [uri "/dump.sql"] [unique_id "ah1TVBbrh0lladlzSULTTQAAAQU"], referer: flipkimmel.com/dump.sql
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-31 20:11:53
(4 weeks ago)
(mod_security) mod_security (id:210730) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 16:11:47.984663 2026] [security2:error] [pid 25657:tid 25657] [client 179.43.133.50:52546] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||luciferdirective.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "luciferdirective.com"] [uri "/dump.sql"] [unique_id "ahyWA3UgHOhXm99aDmroVgAAAAs"], referer: luciferdirective.com/dump.sql
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Martin Lundstrom
2026-05-30 14:27:02
(1 month ago)
https://www.eagleeye-intelligence.com β IDS: network scan. Automatically detected and blocked.
Port Scan
Web App Attack
π©πͺ
FeG Deutschland
2026-05-28 02:01:54
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2
Exploited Host
Web App Attack
π³π±
Kotiacat_one
2026-05-25 20:30:49
(1 month ago)
2026-05-25T23:30:48.847602+03:00 kotiacat.nexus sshd-session[10847]: Invalid user admin1 from 179.43 ...
show more
2026-05-25T23:30:48.847602+03:00 kotiacat.nexus sshd-session[10847]: Invalid user admin1 from 179.43.133.50 port 57552
...
show less
Brute-Force
SSH
π³π±
Kotiacat_one
2026-05-24 14:07:22
(1 month ago)
2026-05-24T17:07:21.721810+03:00 kotiacat.nexus sshd-session[2149]: Invalid user admin from 179.43.1 ...
show more
2026-05-24T17:07:21.721810+03:00 kotiacat.nexus sshd-session[2149]: Invalid user admin from 179.43.133.50 port 49146
...
show less
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-05-23 19:47:27
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210730) triggered by 179.43.133.50 (kisstracks.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 15:47:24.532773 2026] [security2:error] [pid 22080:tid 22080] [client 179.43.133.50:48802] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||alphabravocharters.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "alphabravocharters.com"] [uri "/dump.sql"] [unique_id "ahIETPtEeIovkfJxwCp36AAAAAg"], referer: alphabravocharters.com/dump.sql
show less
Brute-Force
Bad Web Bot
Web App Attack