πΊπΈ
TPI-Abuse
2026-06-06 04:13:00
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 00:12:57.003909 2026] [security2:error] [pid 28132:tid 28132] [client 45.159.22.125:51969] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jiggaboojones.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jiggaboojones.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiOeSOcfQYw7_ftHP3XIFwAAAAE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 17:55:10
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 13:55:01.663873 2026] [security2:error] [pid 21101:tid 21101] [client 45.159.22.125:10577] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gotdt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gotdt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acq49R8UQeEyNxqYTvskBAAAABM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 06:41:15
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 02:41:07.571667 2026] [security2:error] [pid 32100:tid 32100] [client 45.159.22.125:47585] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||goodpage.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "goodpage.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acobA8mTis6Uf9UapHMWhAAAAAQ"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-27 06:03:39
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 02:03:34.655825 2026] [security2:error] [pid 29441:tid 29441] [client 45.159.22.125:19891] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||summithost.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "summithost.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acYdtvROm1lxDDu5yaRXPQAAAAI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 02:02:33
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 22:02:29.297174 2026] [security2:error] [pid 13340:tid 13340] [client 45.159.22.125:33845] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||nowell.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "nowell.net"] [uri "/wp-json/wp/v2/users"] [unique_id "acSTtevC0RL3zjl_VKgAqwAAAAM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-24 13:57:11
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 09:57:07.971298 2026] [security2:error] [pid 26130:tid 26130] [client 45.159.22.125:16409] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kalvanna.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kalvanna.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acKYM8361ZZRPbwjwI4zTAAAAAc"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨πΏ
lp
2026-03-10 07:41:06
(2 months ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 45.159.22.125
2026-03-10T07:05:48+01: ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 45.159.22.125
2026-03-10T07:05:48+01:00 vpn Access-Reject 'mcduff' station: 45.159.22.125 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
π¨πΏ
lp
2026-03-09 07:39:57
(2 months ago)
Unauthorized VPN login attempts: 2 attempts were recorded from 45.159.22.125
2026-03-09T07:54:37+01: ...
show more
Unauthorized VPN login attempts: 2 attempts were recorded from 45.159.22.125
2026-03-09T07:54:37+01:00 vpn Access-Reject 'egreen' station: 45.159.22.125 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
2026-03-09T07:54:47+01:00 vpn Access-Reject 'pres' station: 45.159.22.125 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
π¨πΏ
lp
2026-03-02 10:42:39
(3 months ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 45.159.22.125
2026-03-02T11:13:22+01: ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 45.159.22.125
2026-03-02T11:13:22+01:00 vpn Access-Reject 'tallguy' station: 45.159.22.125 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-01-22 18:33:46
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.159.22.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 13:33:39.024255 2026] [security2:error] [pid 20468:tid 20468] [client 45.159.22.125:36215] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ubuciko.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ubuciko.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aXJtg7woQWcF4ljAp-EjfwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
myagent.site
2026-01-21 10:38:56
(4 months ago)
Blocking for trying to access an exploit file: /xmlrpc.php
Hacking
π«π·
masterguru
2026-01-17 11:32:09
(4 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 45.159.22.125 (FI/Finland/-): 1 in the last 36 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 45.159.22.125 (FI/Finland/-): 1 in the last 3600 secs (0-196)
show less
Hacking
π¨π³
ThreatBook.io
2025-04-30 00:43:49
(1 year ago)
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/45.159.22.125
2025-04-29 08: ...
show more
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/45.159.22.125
2025-04-29 08:50:27 /+CSCOE+/logon.html
2025-04-29 12:57:47 /+CSCOE+/logon.html
show less
Web App Attack
π¨π³
ThreatBook.io
2025-04-26 00:43:54
(1 year ago)
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/45.159.22.125
2025-04-25 12: ...
show more
ThreatBook Intelligence: Zombie more details on http://threatbook.io/ip/45.159.22.125
2025-04-25 12:28:18 /+CSCOE+/logon.html
2025-04-25 07:39:01 /+CSCOE+/logon.html
show less
Web App Attack
π¨π
backslash
2025-03-07 00:25:05
(1 year ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot