π¬π§
consul.to
2026-07-13 09:16:32
(21 hours ago)
Web attack/malicious scanning detected
Web App Attack
π¨πΏ
ptlab
2026-06-22 20:45:34
(3 weeks ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
π©πͺ
MusicLibrary
2026-06-20 05:47:53
(3 weeks ago)
Attempted access to non existent wordpress urls
Bad Web Bot
πΊπΈ
nationaleventpros.com
2026-06-15 00:23:58
(4 weeks ago)
WordPress login attempt
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-11 12:56:32
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:56:28.778089 2026] [security2:error] [pid 10817:tid 10817] [client 185.168.31.95:40573] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pages4you.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pages4you.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiqwfFNF9xIPBSM7TtbYcQAAACQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 20:02:08
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:02:03.513974 2026] [security2:error] [pid 15277:tid 15277] [client 185.168.31.95:46269] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||krugmans.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "krugmans.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ah3lO6jv9R1k7Ycia8Zz5gAAABE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
MAGIC
2026-05-29 01:10:46
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2026-05-27 03:05:44
(1 month ago)
Blocked: Reason='Possible SQL injection activity (447/60 min)'; Requests=447
SQL Injection
πΊπΈ
TPI-Abuse
2026-05-24 18:56:22
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 14:56:19.432698 2026] [security2:error] [pid 25997:tid 25997] [client 185.168.31.95:59731] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||no504.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "no504.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahNJ01_1jN-OGDx-793ISwAAAAM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
consul.to
2026-05-22 16:00:45
(1 month ago)
Web attack/malicious scanning detected
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-21 20:37:58
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 16:37:52.915970 2026] [security2:error] [pid 23380:tid 23380] [client 185.168.31.95:62993] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lopansri.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lopansri.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ag9tIGqAGKjzGD7HHhuazQAAAAM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-20 11:37:39
(1 month ago)
FPROCO WEBEXPLOIT 185.168.31.95 (185.168.31.95)
Web App Attack
π©πͺ
LRob
2026-05-15 00:15:15
(1 month ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-12 13:46:01
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 185.168.31.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 09:45:56.732517 2026] [security2:error] [pid 3852517:tid 3852517] [client 185.168.31.95:38513] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||aliciagrant.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "aliciagrant.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aduiFCxYf4bitQy-cxHr9wAAAAc"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
agenciahypelab.com.br
2026-03-05 23:20:59
(4 months ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH