πΊπΈ
TPI-Abuse
2026-07-17 10:29:11
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 194.99.27.78 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 194.99.27.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:29:06.065150 2026] [security2:error] [pid 13296:tid 13296] [client 194.99.27.78:29285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||med-engineering.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "med-engineering.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aloD8iNrpjZQd-HjXmbvRwAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
Tilellit.PRO
2026-06-28 08:13:09
(2 weeks ago)
Fail2Ban banned 194.99.27.78 for security violations in jail wp-armour. Log: 2026/06/28 08:13:08 [er ...
show more
Fail2Ban banned 194.99.27.78 for security violations in jail wp-armour. Log: 2026/06/28 08:13:08 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 194.99.27.78 | Target: wplogin" , client: 194.99.27.78, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
π³π±
GabrielJST
2026-06-25 09:29:47
(3 weeks ago)
(wordpress) Failed wordpress login from 194.99.27.78 (US/United States/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-04-28 14:08:41
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 194.99.27.78 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 194.99.27.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 10:08:34.090443 2026] [security2:error] [pid 25724:tid 25724] [client 194.99.27.78:29427] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||stewarttaylor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "stewarttaylor.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afC_YscNaEpx0neXuRDz2QAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-16 06:05:28
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 194.99.27.78 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 194.99.27.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 02:05:23.856089 2026] [security2:error] [pid 1645170:tid 1645170] [client 194.99.27.78:29263] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gonzalez.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeB8I9KIkKX2yZKXFUXMfgAAABI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-13 19:09:51
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 194.99.27.78 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 194.99.27.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 13 15:09:46.516512 2026] [security2:error] [pid 3927060:tid 3927060] [client 194.99.27.78:9597] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eye7graphics.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eye7graphics.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ad0_enduxX1__OsEpvrzAgAAABQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
OceanTreasure
2026-02-26 22:55:08
(4 months ago)
tcp/443; WordPress login page access attempt: "GET /wp-login.php" @ 2026-02-26T22:46:57Z [proxy]
Brute-Force
π¨π
backslash
2026-02-21 13:36:01
(4 months ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
Anonymous
2026-02-13 00:17:50
(5 months ago)
"GET /wp-login.php HTTP/1.1"
Hacking
Web App Attack
Anonymous
2026-02-12 12:25:57
(5 months ago)
wordpress-trap
Web App Attack
π«π·
masterguru
2026-02-07 02:11:40
(5 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 194.99.27.78 (NL/The Netherlands/-): 1 in the ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 194.99.27.78 (NL/The Netherlands/-): 1 in the last 3600 secs (0-195)
show less
Hacking
π«π·
masterguru
2026-02-06 23:11:40
(5 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 194.99.27.78 (NL/The Netherlands/-): 1 in the ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 194.99.27.78 (NL/The Netherlands/-): 1 in the last 3600 secs (0-197)
show less
Hacking
π«π·
masterguru
2025-12-25 10:38:25
(6 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 194.99.27.78 (NL/The Netherlands/-): 1 in the ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 194.99.27.78 (NL/The Netherlands/-): 1 in the last 3600 secs (0-197)
show less
Hacking
Anonymous
2025-11-19 01:11:21
(7 months ago)
Forum/form spam
Web Spam
π¨π
backslash
2025-11-03 07:00:46
(8 months ago)
block ruleset 1E8A9918B1655D0828F2EEF05553DD2681055C9A
Web Spam