๐ฉ๐ช
ghostwarriors
2026-05-01 09:50:21
(2 months ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ksol-hostmaster
2026-05-01 09:30:37
(2 months ago)
2026/05/01 11:30:36 [error] 68385#156525: *236396 access forbidden by rule, client: 185.242.5.18, se ...
show more
2026/05/01 11:30:36 [error] 68385#156525: *236396 access forbidden by rule, client: 185.242.5.18, server: new.hondaforum.hu, request: "GET /topic/off-topic/255083/ HTTP/1.1", host: "new.hondaforum.hu"
...
show less
Web Spam
Anonymous
2026-03-10 00:21:54
(3 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in printer-friendly.asp
show less
Exploited Host
Bad Web Bot
๐บ๐ธ
mw
2026-01-14 05:55:02
(5 months ago)
GET /jolokia/exec/com.sun.management:type=DiagnosticCommand/compilerDirectivesAdd/!/etc!/passwd HTTP ...
show more
GET /jolokia/exec/com.sun.management:type=DiagnosticCommand/compilerDirectivesAdd/!/etc!/passwd HTTP/1.1
show less
Web App Attack
๐น๐ท
CTI-Beholder
2026-01-13 20:15:00
(5 months ago)
Vulnerability Scanning (Directory Traversal, XSS, Multiple RCE Exploits)
Exploited Host
Web App Attack
๐ซ๐ท
dynamix
2026-01-13 19:27:07
(5 months ago)
Multiple WAF Violations
Web App Attack
๐ง๐ช
voormedia
2025-11-08 06:44:20
(7 months ago)
Accessed trap at '/xmlrpc.php'
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-08 04:45:26
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 23:45:18.507469 2025] [security2:error] [pid 8650:tid 8650] [client 185.242.5.18:47232] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||siczewicz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "siczewicz.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ7K3nefEhRVf-Pbp8twtwAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2025-11-08 04:30:03
(7 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-11-08 03:18:30
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 22:18:21.810823 2025] [security2:error] [pid 24832:tid 24832] [client 185.242.5.18:45172] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||serpentstudios.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "serpentstudios.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ62fQokXZMKf_J6e-PYaAAAAAY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
kjaerulff
2025-11-08 02:24:44
(7 months ago)
Failed Wordpress login using xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-08 00:50:59
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 19:50:52.515686 2025] [security2:error] [pid 23369:tid 23369] [client 185.242.5.18:57738] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dwars.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dwars.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aQ6T7AvYzV-7p8SN5FUoTgAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-02 09:29:28
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 02 04:29:22.031056 2025] [security2:error] [pid 23408:tid 23408] [client 185.242.5.18:50354] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ampstudio.eu|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ampstudio.eu"] [uri "/wp-json/wp/v2/users"] [unique_id "aQckciXZcI1qJHdoVqm3IgAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-31 11:06:42
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 185.242.5.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 31 07:06:35.644806 2025] [security2:error] [pid 31644:tid 31644] [client 185.242.5.18:55132] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mikeberro.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mikeberro.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQSYO-GRseEwDokVFX4iRAAAACY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
exxos
2025-10-18 11:03:02
(8 months ago)
Attacks with Bad user agents
Hacking