๐บ๐ธ
TRoden
2026-07-06 19:37:10
(3 days ago)
Geo Block Plugin: Escalation flag(s): rce_attempt
Hacking
๐จ๐ญ
Origon
2026-07-02 18:26:13
(1 week ago)
http-bad-user-agent - IP: 213.232.121.153 - time="2026-07-02T20:26:13+02:00" level=info msg="(555f6 ...
show more
http-bad-user-agent - IP: 213.232.121.153 - time="2026-07-02T20:26:13+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-bad-user-agent by ip 213.232.121.153 (RU/35830) : 4h ban on Ip 213.232.121.153" module=db
show less
Bad Web Bot
๐ณ๐ฑ
Roderic
2026-07-02 09:46:35
(1 week ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted])
Bad Web Bot
๐จ๐ญ
4server
2026-07-02 04:47:51
(1 week ago)
[ThuJul0206:47:39.7115892026][security2:error][pid3400708:tid3401565][client213.232.121.153:0]ModSec ...
show more
[ThuJul0206:47:39.7115892026][security2:error][pid3400708:tid3401565][client213.232.121.153:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"www.rs-solution.ch\"][uri\"/robots.txt\"][unique_id\"akXta9E41KwVJzgO-wLGhQAAAFA\"]
show less
Hacking
Web App Attack
๐ฉ๐ช
Hazzard
2026-07-01 23:29:04
(1 week ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted]): (CF_ENABLE)
Bad Web Bot
๐จ๐ญ
backslash
2026-07-01 20:12:03
(1 week ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot
๐ฉ๐ช
stinpriza
2026-06-29 17:35:27
(1 week ago)
Web App Attack
Web App Attack
Anonymous
2026-06-28 14:20:09
(1 week ago)
XMLRPC BRUTEFORCE - HTTP (Request)
Hacking
๐บ๐ธ
kosada.com
2026-05-06 16:13:12
(2 months ago)
Web password guessing
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-06 11:00:35
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 213.232.121.153 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.121.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 07:00:18.550994 2026] [security2:error] [pid 6016:tid 6016] [client 213.232.121.153:24789] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lbee.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lbee.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afsfQkMHJ9dbtYfR3uRcZwAAAA8"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-03 20:57:27
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 213.232.121.153 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.121.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 16:57:13.557913 2026] [security2:error] [pid 1053:tid 1053] [client 213.232.121.153:32219] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sfprivatechef.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sfprivatechef.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afe2qaGlR23P9PkWRd_BVgAAAAo"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
NicoID
2026-05-01 00:14:49
(2 months ago)
213.232.121.153 - - [30/Apr/2026:15:37:42 -0600] "GET /wp-login.php HTTP/1.1" 200 4883 "https://www. ...
show more
213.232.121.153 - - [30/Apr/2026:15:37:42 -0600] "GET /wp-login.php HTTP/1.1" 200 4883 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-26 03:07:42
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 213.232.121.153 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.121.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 23:07:28.849104 2026] [security2:error] [pid 29925:tid 29925] [client 213.232.121.153:11805] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||blackmanfamily.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "blackmanfamily.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae2BcOLTXgHeusVISy9GPQAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-04-17 08:40:32
(2 months ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 16:12:57
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 213.232.121.153 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.121.153 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 12:12:40.272595 2026] [security2:error] [pid 9838:tid 9838] [client 213.232.121.153:40567] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sinsky.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sinsky.net"] [uri "/wp-json/wp/v2/users"] [unique_id "acvyeF9Ok2khAuPu-SSvYgAAAAY"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack