๐บ๐ธ
TPI-Abuse
2026-07-11 10:36:34
(1 hour ago)
(mod_security) mod_security (id:225170) triggered by 193.203.9.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 193.203.9.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 06:36:29.601173 2026] [security2:error] [pid 7166:tid 7166] [client 193.203.9.159:13977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||saimedo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "saimedo.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alIcrTe7iXAkNPCz4zi1agAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-10 21:24:18
(14 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
Anonymous
2026-07-10 16:01:26
(20 hours ago)
[osotir.org] httpd-login-spray-site: sites=www.synathlountes.agonistes.gr; logs=/var/log/httpd/domai ...
show more
[osotir.org] httpd-login-spray-site: sites=www.synathlountes.agonistes.gr; logs=/var/log/httpd/domains/agonistes.gr.synathlountes.log; samples=site_wide=true | distinct_ips=13 | /wp-login.php
show less
Hacking
Web App Attack
๐ซ๐ท
Tilellit.PRO
2026-07-05 03:57:35
(6 days ago)
WP Armour Plugin detection
Web Spam
Brute-Force
๐จ๐ญ
backslash
2026-07-04 09:03:00
(1 week ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ซ๐ท
solution.it
2026-07-02 21:50:26
(1 week ago)
[Thu Jul 02 23:50:24.744378 2026] [php7:error] [pid 482323:tid 482323] [client 193.203.9.159:50045] ...
show more
[Thu Jul 02 23:50:24.744378 2026] [php7:error] [pid 482323:tid 482323] [client 193.203.9.159:50045] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat
show less
Web App Attack
๐ซ๐ท
Tilellit.PRO
2026-06-27 14:01:56
(1 week ago)
Fail2Ban banned 193.203.9.159 for security violations in jail wp-armour. Log: 2026/06/27 14:01:55 [e ...
show more
Fail2Ban banned 193.203.9.159 for security violations in jail wp-armour. Log: 2026/06/27 14:01:55 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 193.203.9.159 | Target: wplogin" , client: 193.203.9.159, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐ซ๐ท
Tilellit.PRO
2026-06-27 05:57:48
(2 weeks ago)
Fail2Ban banned 193.203.9.159 for security violations in jail wp-armour. Log: 2026/06/27 05:57:48 [e ...
show more
Fail2Ban banned 193.203.9.159 for security violations in jail wp-armour. Log: 2026/06/27 05:57:48 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 193.203.9.159 | Target: wplogin" , client: 193.203.9.159, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐ฌ๐ง
relianoid.com
2026-06-16 23:14:06
(3 weeks ago)
POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com
Web Spam
๐ฉ๐ช
SCHAPPY
2026-05-29 22:40:09
(1 month ago)
Bad bot identified by user agent
Bad Web Bot
๐บ๐ธ
myagent.site
2026-03-21 05:17:58
(3 months ago)
Blocking for trying to access an exploit file: /xmlrpc.php
Hacking
๐บ๐ธ
octageeks.com
2026-03-18 04:09:31
(3 months ago)
Wordpress malicious attack:[octaxmlrpc]
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 07:24:55
(6 months ago)
(mod_security) mod_security (id:210350) triggered by 193.203.9.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 193.203.9.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 02:24:48.971826 2025] [security2:error] [pid 19107:tid 19107] [client 193.203.9.159:54149] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||firewoodstudio.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "firewoodstudio.com"] [uri "/"] [unique_id "aU-JwMWeCHB4LULPJBOzOgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-24 09:26:59
(6 months ago)
(mod_security) mod_security (id:211700) triggered by 193.203.9.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211700) triggered by 193.203.9.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 24 04:25:54.271086 2025] [security2:error] [pid 9850:tid 9850] [client 193.203.9.159:19971] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:[ ()]case ?\\\\(|\\\\) ?like ?\\\\(|\\\\bhaving ?[^\\\\s]+ ?[^\\\\w ]|\\\\bif ?\\\\([\\\\d\\\\w] ?[=<>~])" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "33"] [id "211700"] [rev "8"] [msg "COMODO WAF: Detects conditional SQL injection attempts||kountz.org|F|2"] [data "Matched Data: having found within MATCHED_VAR: KenreighDescendancy)AND1GROUPBYCONCAT(0x48774337,(SELECT(ELT(2836=2836,1))),0x564b7878,FLOOR(RAND(0)*2))HAVINGMIN(0)"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "kountz.org"] [uri "/famsearch.php"] [unique_id "aUuxojAYnL-Dob31Wxs5bwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
lp
2025-03-15 01:24:08
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 193.203.9.159
2025-03-15T01:11:05+01: ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 193.203.9.159
2025-03-15T01:11:05+01:00 vpn Access-Reject 'blue' station: 193.203.9.159 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack