๐บ๐ธ
TPI-Abuse
2026-07-03 22:57:02
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 18:56:58.078491 2026] [security2:error] [pid 11198:tid 11198] [client 194.180.236.219:44271] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||marianozaro.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marianozaro.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akg-OtiwH8CeBRzKUbUjOgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 00:53:27
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 20:53:20.680563 2026] [security2:error] [pid 21501:tid 21607] [client 194.180.236.219:33513] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||chelseyrae.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "chelseyrae.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akRlAKHUfCQP8EuJmCvR0wAAAdU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2026-06-26 00:01:35
(1 week ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-14 21:49:39
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 17:49:32.108371 2026] [security2:error] [pid 2909:tid 2909] [client 194.180.236.219:53167] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||philipjnielsen-drafting-design.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "philipjnielsen-drafting-design.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai8h7NByVGi45tmMHtWbegAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
JimArchon72
2026-06-02 07:10:03
(1 month ago)
2026/06/02 07:07:30 "GET /wp-login.php?action=register HTTP/1.1"
Web App Attack
๐บ๐ธ
mnsf
2026-05-21 21:05:20
(1 month ago)
Scanning/Probing (34)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 17:55:01
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 13:54:52.746182 2026] [security2:error] [pid 24067:tid 24067] [client 194.180.236.219:31505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "solarfarms.info"] [uri "/wp-config.bak"] [unique_id "ag31bLX9barXcAlERkDjpgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 16:49:04
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 194.180.236.219 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:48:57.354526 2026] [security2:error] [pid 15536:tid 15547] [client 194.180.236.219:26605] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tomithai.plumeraproductions.com"] [uri "/.wp-config.php.swp"] [unique_id "ag3l-TEqR1DVDZmczhCCYwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-05-20 14:05:33
(1 month ago)
Scanning/Probing (34)
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-05-16 18:10:03
(1 month ago)
WordPress content enumeration
Web App Attack
Anonymous
2026-05-06 06:16:02
(2 months ago)
Forum/form spam
Web Spam
๐จ๐ญ
4server
2026-04-30 20:11:19
(2 months ago)
[ThuApr3022:11:16.4471952026][security2:error][pid4107214:tid4107946][client194.180.236.219:0]ModSec ...
show more
[ThuApr3022:11:16.4471952026][security2:error][pid4107214:tid4107946][client194.180.236.219:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchedphrase\"wp-config.php\"atARGS:img.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"135\"][id\"344360\"][rev\"5\"][msg\"Atomicorp.comWAFRules:UnauthorizedOperatingSystemFileAccessAttempt\"][data\"MatchedData:wp-config.phpfoundwithinARGS:img:../wp-config.php\"][severity\"CRITICAL\"][tag\"attack-lfi\"][hostname\"mondo-it.ch\"][uri\"/wp-admin/admin-ajax.php\"][unique_id\"afO3ZP2TkPf0MlDvGtRvyQAAAMk\"]
show less
Hacking
Web App Attack
๐ซ๐ท
masterguru
2026-04-16 06:10:59
(2 months ago)
Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-201)
Hacking
Anonymous
2026-02-01 10:01:03
(5 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.02.01 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.02.01 is noted in report timestamp
show less
Hacking
Brute-Force
๐ฎ๐ฉ
BPS-StatisticsIndonesia
2026-01-23 21:57:18
(5 months ago)
WP Login Scan Activities
Web App Attack