๐บ๐ธ
TPI-Abuse
2026-05-18 21:49:57
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 64.49.39.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 64.49.39.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 17:49:48.480328 2026] [security2:error] [pid 24233:tid 24233] [client 64.49.39.190:52917] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||casadelsolmexico.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "casadelsolmexico.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aguJfO0TwEQYO2pVYcVFPgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-05-16 22:27:01
(1 month ago)
block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-16 22:13:04
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 64.49.39.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 64.49.39.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 18:12:54.365181 2026] [security2:error] [pid 30099:tid 30099] [client 64.49.39.190:47623] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vitalitywebb.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Barrington/Thumbs.db"] [unique_id "agjr5hL9gQSpyUaAyM2DAgAAABQ"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Barrington/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-04-16 18:27:01
(2 months ago)
block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-02-26 14:33:41
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 64.49.39.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 64.49.39.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 26 09:33:30.455784 2026] [security2:error] [pid 23231:tid 23231] [client 64.49.39.190:56297] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||futuresgrowhere.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "futuresgrowhere.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaBZuuhUwrTE_pBs_VCv-AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
georgengelmann
2026-02-26 07:17:27
(4 months ago)
Failed login attempt for amandamedison
Brute-Force
Web App Attack
๐ฎ๐ฉ
zam
2026-02-21 07:45:50
(4 months ago)
64.49.39.190 - - [21/Feb/2026:07:45:48 +0000] "POST /wp-login.php HTTP/1.1" 404 82108
Web App Attack
๐ซ๐ท
tilellit.pro
2026-02-11 10:31:06
(4 months ago)
Fail2Ban banned 64.49.39.190 for security violations in jail wp-armour. Log: 2026/02/11 10:31:05 [er ...
show more
Fail2Ban banned 64.49.39.190 for security violations in jail wp-armour. Log: 2026/02/11 10:31:05 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 64.49.39.190 | Target: wplogin" , client: 64.49.39.190, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐บ๐ธ
TPI-Abuse
2026-02-10 15:34:51
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 64.49.39.190 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 64.49.39.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 10:34:42.138528 2026] [security2:error] [pid 29925:tid 29925] [client 64.49.39.190:24793] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||primacomm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "primacomm.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYtQEn3lPe1RtcOWceLp4gAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2025-12-23 11:00:34
(6 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 64.49.39.190 (US/United States/-): 1 in the la ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 64.49.39.190 (US/United States/-): 1 in the last 3600 secs (0-196)
show less
Hacking
๐ซ๐ฎ
Shaik Sai Meera
2025-12-15 09:30:15
(6 months ago)
Web Shell Access Attempt
Open Proxy
Brute-Force
Web App Attack
๐ง๐ฌ
cheatmaster.store
2025-11-15 03:28:58
(7 months ago)
Detected proxy server at 64.49.39.190
Brute-Force
SSH