๐จ๐ญ
backslash
2026-07-02 06:27:00
(1 week ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
factor1
2026-07-02 01:51:32
(1 week ago)
Fail2ban at apollo Reports Abuse.
Bad Web Bot
๐ฌ๐ง
consul.to
2026-07-01 21:48:14
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐ฑ๐ป
garmtech.com
2026-05-10 20:22:34
(1 month ago)
IM360 WAF: SQL Injection Attack: Common DB Names Detected
SQL Injection
๐ซ๐ท
SpaceHost-Server
2026-05-05 22:35:13
(2 months ago)
Brute-Force
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-05-04 22:28:49
(2 months ago)
Brute-Force
Web App Attack
Anonymous
2026-05-04 12:23:16
(2 months ago)
Web App Attack, Hacking
Hacking
Web App Attack
๐ง๐ช
cmbplf
2026-05-04 00:33:34
(2 months ago)
249 requests with url.path //xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-03 22:50:43
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 191.96.146.194 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 191.96.146.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 18:50:40.307598 2026] [security2:error] [pid 1653:tid 1653] [client 191.96.146.194:64861] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.directcch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.directcch.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "affRQEOjB_lUojslZyiDbAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-03 18:30:54
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 191.96.146.194 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 191.96.146.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 14:30:50.134985 2026] [security2:error] [pid 19150:tid 19150] [client 191.96.146.194:51859] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||crr-construction.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "crr-construction.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "afeUWlg5vBbAVsuauEpUcwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-05-03 16:58:54
(2 months ago)
[SunMay0318:58:49.2388022026][security2:error][pid3285994:tid3286105][client191.96.146.194:0]ModSecu ...
show more
[SunMay0318:58:49.2388022026][security2:error][pid3285994:tid3286105][client191.96.146.194:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"studio-portale.ch\"][uri\"/xmlrpc.php\"][unique_id\"afd-yWAdxJud4F_iDY_PnAAAAQI\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ซ๐ท
Baking333
2026-04-21 02:17:17
(2 months ago)
[redacted] 191.96.146.194 - - [21/Apr/2026:03:17:15 +0100] "GET //wordpress/ HTTP/1.1" 301 4336 0/29 ...
show more
[redacted] 191.96.146.194 - - [21/Apr/2026:03:17:15 +0100] "GET //wordpress/ HTTP/1.1" 301 4336 0/299 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.3124.85" [redacted] 191.96.146.194 - - [21/Apr/2026:03:17:16 +0100] "GET /wordpress HTTP/1.1" 302 1544 0/72734 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36 Edg/139.0.3124.85"
show less
Bad Web Bot
Web App Attack
Anonymous
2026-04-14 11:45:18
(2 months ago)
Malicious activity detected
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-17 14:10:42
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 191.96.146.194 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 191.96.146.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 17 10:10:35.338443 2026] [security2:error] [pid 15680:tid 15680] [client 191.96.146.194:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kryptonome.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kryptonome.com"] [uri "/old/www.sql"] [unique_id "ablg26SlefL0FNDb93C73AAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-16 17:48:34
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 191.96.146.194 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 191.96.146.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 16 13:48:30.951230 2026] [security2:error] [pid 6969:tid 6969] [client 191.96.146.194:29903] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||brazilianbikinis.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "brazilianbikinis.com"] [uri "/backup/backup.sql"] [unique_id "abhCblEtrLi8NO_m92SO3wAAAIA"]
show less
Brute-Force
Bad Web Bot
Web App Attack