๐จ๐ญ
backslash
2026-07-09 20:06:01
(2 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 09:29:14
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:28:56.996523 2026] [security2:error] [pid 22238:tid 22238] [client 213.232.123.42:44051] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||al-bukhari.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "al-bukhari.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ak9p2Eg4pj_BcsDsFTyn6gAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-07-02 21:53:51
(1 week ago)
Web password guessing
Brute-Force
๐ซ๐ท
Tilellit.PRO
2026-06-28 09:24:41
(2 weeks ago)
Fail2Ban banned 213.232.123.42 for security violations in jail wp-armour. Log: 2026/06/28 09:24:41 [ ...
show more
Fail2Ban banned 213.232.123.42 for security violations in jail wp-armour. Log: 2026/06/28 09:24:41 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 213.232.123.42 | Target: wplogin" , client: 213.232.123.42, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐จ๐ฟ
ptlab
2026-06-25 12:48:46
(2 weeks ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 04:20:12
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 00:19:58.360024 2026] [security2:error] [pid 14507:tid 14507] [client 213.232.123.42:58863] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||scotts.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "scotts.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajYU7rqr4lYTB_R10m8I0wAAAA4"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
stinpriza
2026-06-16 11:49:54
(3 weeks ago)
Web App Attack
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-06-15 00:25:06
(3 weeks ago)
WordPress login attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-13 21:25:04
(4 weeks ago)
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 17:24:46.074453 2026] [security2:error] [pid 29969:tid 29969] [client 213.232.123.42:33141] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||homerbiz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "homerbiz.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai3KnhMYdGNX0Uj6umG88QAAAAg"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
stinpriza
2026-06-12 05:20:05
(1 month ago)
Web App Attack
Web App Attack
๐ฌ๐ง
consul.to
2026-06-12 03:46:51
(1 month ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 06:35:10
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 02:34:55.312828 2026] [security2:error] [pid 25423:tid 25423] [client 213.232.123.42:22927] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||superlamb.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "superlamb.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aie0DwpCmTw5yb5WXuNnlAAAAAM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-28 05:37:47
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.123.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 01:37:31.332621 2026] [security2:error] [pid 2194:tid 2194] [client 213.232.123.42:23689] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||qbasys.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "qbasys.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahfUmx0g8C1EWe9J8n-CBQAAAAM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-05-27 21:49:49
(1 month ago)
Known malicious PHP file or CMS probe
Web App Attack
๐บ๐ธ
kosada.com
2026-05-24 20:21:04
(1 month ago)
Web password guessing
Brute-Force