๐ซ๐ท
tilellit.pro
2026-06-28 08:13:56
(2 days ago)
Fail2Ban banned 193.203.8.85 for security violations in jail wp-armour. Log: 2026/06/28 08:13:55 [er ...
show more
Fail2Ban banned 193.203.8.85 for security violations in jail wp-armour. Log: 2026/06/28 08:13:55 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 193.203.8.85 | Target: wplogin" , client: 193.203.8.85, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐บ๐ธ
TPI-Abuse
2026-04-29 02:42:44
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 22:42:38.831239 2026] [security2:error] [pid 29742:tid 29742] [client 193.203.8.85:11197] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||mitchellamazing.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mitchellamazing.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afFwHoZUDrjkI7BlQKZu8wAAAAk"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-27 23:06:59
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 19:06:52.948023 2026] [security2:error] [pid 13303:tid 13303] [client 193.203.8.85:52737] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pages4you.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pages4you.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae_sDEGTpqE7OXhEbuzV9gAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-26 05:43:57
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 01:43:52.082287 2026] [security2:error] [pid 28141:tid 28141] [client 193.203.8.85:9195] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wizind.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wizind.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae2mGMPwwA58iqrEehc9tAAAAA0"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-06-04 15:57:02
(1 year ago)
(mod_security) mod_security (id:217200) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:217200) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 04 11:56:55.164086 2025] [security2:error] [pid 1137373:tid 1137373] [client 193.203.8.85:60203] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header||www.pakistanvision.com|F|2"] [data "/xmlrpc.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "www.pakistanvision.com"] [uri "/xmlrpc.php"] [unique_id "aEBsx3alzNwNyF9ZnVmNLQAAAAM"], referer: https://www.pakistanvision.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-28 04:17:56
(1 year ago)
(mod_security) mod_security (id:211120) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:211120) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 28 00:17:50.368966 2025] [security2:error] [pid 1825259:tid 1825259] [client 193.203.8.85:14953] [client 193.203.8.85] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "11"] [msg "COMODO WAF: Remote File Inclusion Attack||boardinjapan.com|F|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/all-in-one-seo-pack/classes/aiosp.class.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "boardinjapan.com"] [uri "/wp-content/plugins/all-in-one-seo-pack/classes/aiosp.class.php"] [unique_id "Z-Yi7m_aUzytMPZBBkOilAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
octageeks.com
2025-03-28 04:07:03
(1 year ago)
Wordpress malicious attack:[octascan]
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-10 18:52:10
(1 year ago)
(mod_security) mod_security (id:211120) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:211120) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 10 14:52:04.407488 2025] [security2:error] [pid 4756:tid 4756] [client 193.203.8.85:22937] [client 193.203.8.85] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack||adace.com|F|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/all-in-one-seo-pack/classes/aiosp.class.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "adace.com"] [uri "/wp-content/plugins/all-in-one-seo-pack/classes/aiosp.class.php"] [unique_id "Z8801AkEfHdUdeTi6XTB6QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-02-28 03:43:34
(1 year ago)
(mod_security) mod_security (id:211120) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:211120) triggered by 193.203.8.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 27 22:43:28.499567 2025] [security2:error] [pid 20495:tid 20586] [client 193.203.8.85:53775] [client 193.203.8.85] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack||www.scribblism.com|F|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/canto/includes/lib/download.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.scribblism.com"] [uri "/wp-content/plugins/canto/includes/lib/download.php"] [unique_id "Z8Ew4HMleA70RX9B8OhHEAAAAFI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-02-12 00:06:34
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ธ๐ช
OnTheEdge
2025-02-11 05:32:23
(1 year ago)
Password spraying. Multiple unauthorized login attempts
Hacking
Web App Attack
Anonymous
2025-02-08 06:43:20
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐จ๐ฟ
lp
2025-02-03 22:21:19
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 193.203.8.85
2025-02-03T22:05:55+01:0 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 193.203.8.85
2025-02-03T22:05:55+01:00 vpn Access-Reject 'Aam' station: 193.203.8.85 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack