๐บ๐ธ
TPI-Abuse
2026-07-03 10:49:25
(8 hours ago)
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 06:49:18.184242 2026] [security2:error] [pid 19201:tid 19201] [client 195.167.126.178:49668] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fatcaverecords.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fatcaverecords.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akeTrk2QO6ZznqizkwEAYQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 09:15:06
(10 hours ago)
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 05:14:59.961571 2026] [security2:error] [pid 9214:tid 9214] [client 195.167.126.178:58805] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||customhumanrobots.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "customhumanrobots.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akd9k2Kn9aPh3spZgaywfwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-03 09:13:46
(10 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 09:08:06
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:08:01.418332 2026] [security2:error] [pid 30625:tid 30625] [client 195.167.126.178:64964] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||paleopathologist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "paleopathologist.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akYqcVA7n74bV-U4revUvwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:42:07
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:41:59.341156 2026] [security2:error] [pid 12538:tid 12538] [client 195.167.126.178:57403] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||maprada92.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "maprada92.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akYWR_u_XFlRnlKhHZ9C4gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
ycoskun41
2026-07-01 11:28:49
(2 days ago)
fail2ban: plesk-modsecurity jail on genckocaeli.com
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 10:52:54
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 195.167.126.178 (enia57.static.otenet.gr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 06:52:47.720934 2026] [security2:error] [pid 1151:tid 1151] [client 195.167.126.178:55727] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bigholegolf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bigholegolf.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj0If4RF-GD_sEMhhgVDQQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Tha_14
2026-06-25 10:25:30
(1 week ago)
Limit on login attempts is reached
Brute-Force
๐ฌ๐ท
setupgr
2026-06-25 10:25:10
(1 week ago)
(XMLRPC) WP XMLPRC Attack 195.167.126.178 (GR/Greece/Attica/Athens/-/[AS6799 OTENET-GR Athens - Gree ...
show more
(XMLRPC) WP XMLPRC Attack 195.167.126.178 (GR/Greece/Attica/Athens/-/[AS6799 OTENET-GR Athens - Greece]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 195.167.126.178 - - [25/Jun/2026:13:20:35 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18938 "-" "Mozilla/5.0 (Linux; Android 10; x86) AppleWebKit/537.36 (KHTML, like Gecko) Opera/78.0.0.0 Safari/537.36"
show less
Port Scan
๐ฉ๐ช
rh24
2026-06-23 11:36:38
(1 week ago)
(xmlrpc_405) XMLRPC-Bot 405 195.167.126.178 (GR/Greece/enia57.static.otenet.gr)
Hacking
๐ฉ๐ช
LRob
2026-06-23 09:45:05
(1 week ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-06-23 08:33:17
(1 week ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after PHP/webshell probe. Vegas Security
Hacking
Web App Attack
๐ฉ๐ช
Tha_14
2026-06-23 07:03:55
(1 week ago)
Limit on login attempts is reached
Brute-Force
๐บ๐ธ
ne1for23
2026-06-22 07:49:23
(1 week ago)
195.167.126.178 - - [22/Jun/2026:07:49:23 +0000] "POST /xmlrpc.php HTTP/1.1" 403 153 "-" "Mozilla/5. ...
show more
195.167.126.178 - - [22/Jun/2026:07:49:23 +0000] "POST /xmlrpc.php HTTP/1.1" 403 153 "-" "Mozilla/5.0 (Linux; Android 10; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/73.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack
Anonymous
2026-06-22 06:09:42
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH