๐บ๐ธ
TPI-Abuse
2026-05-22 13:49:52
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 09:49:45.765795 2026] [security2:error] [pid 16053:tid 16053] [client 193.202.16.137:38553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "321q.com"] [uri "/wp-config.bak"] [unique_id "ahBe-c4Pb4-ld4-JPWywEAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 00:22:58
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 20:22:53.921326 2026] [security2:error] [pid 20745:tid 20745] [client 193.202.16.137:15331] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vrevgaming.net"] [uri "/.wp-config.php.swp"] [unique_id "ag-h3R9mGv6bWXqEwPFF2wAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 21:01:54
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:01:22.970166 2026] [security2:error] [pid 7919:tid 7919] [client 193.202.16.137:38601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.weightlossover50.customdesignsbybjp.com"] [uri "/wp-config.txt"] [unique_id "ag4hIo2VptkoEH_Zn0UOHAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Tilellit.PRO
2026-03-07 16:37:52
(4 months ago)
Fail2Ban banned 193.202.16.137 for security violations in jail wp-armour. Log: 2026/03/07 16:37:52 [ ...
show more
Fail2Ban banned 193.202.16.137 for security violations in jail wp-armour. Log: 2026/03/07 16:37:52 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 193.202.16.137 | Target: wplogin" , client: 193.202.16.137, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐น๐ญ
MWA SOC
2026-02-27 08:33:54
(4 months ago)
Hacking
๐น๐ญ
MWA SOC
2026-02-25 22:02:29
(4 months ago)
Hacking
๐บ๐ธ
www.winos.me
2026-02-20 06:35:30
(4 months ago)
Banned due to high error rate on HTTP/1.1 protocol
Brute-Force
Web App Attack
๐ฎ๐ฉ
BPS-StatisticsIndonesia
2026-01-30 17:45:58
(5 months ago)
WP Login Scan Activities
Web App Attack
๐ฌ๐ง
Bytemark
2026-01-26 06:08:03
(5 months ago)
193.202.16.137 - - [26/Jan/2026:06:04:51 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.goo ...
show more
193.202.16.137 - - [26/Jan/2026:06:04:51 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
193.202.16.137 - - [26/Jan/2026:06:04:52 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
193.202.16.137 - - [26/Jan/2026:06:08:03 +0000] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-21 17:10:45
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 21 12:10:38.079244 2026] [security2:error] [pid 7226:tid 7226] [client 193.202.16.137:23401] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||admin.turedinmobiliaria.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "admin.turedinmobiliaria.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXEIjuUOTmXmhaDZGyD94wAAACc"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-06 05:06:48
(7 months ago)
(mod_security) mod_security (id:210350) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 193.202.16.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 00:06:44.802409 2025] [security2:error] [pid 28291:tid 28291] [client 193.202.16.137:23933] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||hippiehaven.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "hippiehaven.com"] [uri "/"] [unique_id "aTO55PrIzg0N3Y2At0yalwAAABY"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
wil.com
2025-06-08 01:43:58
(1 year ago)
GlobalProtect login attempts with user agomez.
VPN IP
Brute-Force
๐ฒ๐ฝ
licjperezl
2025-06-05 17:58:43
(1 year ago)
Ataque de diccionario o DDoS en nuestros servicios en linea
Brute-Force
๐ฎ๐ณ
wizard1411
2025-05-31 10:33:38
(1 year ago)
DDoS and brute force activity detected
Brute-Force
SSH
๐ฎ๐ณ
wizard1411
2025-05-30 07:21:30
(1 year ago)
DDoS and brute force activity detected
Brute-Force
SSH