๐ช๐ธ
librebit
2026-07-15 08:51:31
(1 day ago)
Brute force
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-08 12:17:47
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 08:17:39.498286 2026] [security2:error] [pid 2739:tid 2739] [client 83.97.117.197:29865] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rjabramsonfoundation.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rjabramsonfoundation.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ak4_42s1XB_cFkBcklI-EQAAABA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 14:28:40
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 10:28:35.190807 2026] [security2:error] [pid 17315:tid 17315] [client 83.97.117.197:21117] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||walkerweb.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "walkerweb.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajajk0NLJPH35OqJseGgeQAAABI"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 05:58:20
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 01:58:11.893823 2026] [security2:error] [pid 22579:tid 22579] [client 83.97.117.197:20833] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cyberclay.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cyberclay.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajYr8_2tA4Cu_VkAeZPtsQAAAAw"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-06 17:26:25
(1 month ago)
(mod_security) mod_security (id:210350) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 13:26:21.532376 2026] [security2:error] [pid 3019:tid 3019] [client 83.97.117.197:50091] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||kameleonquilt.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "kameleonquilt.com"] [uri "/kameleon eng/kameleon eng index.html"] [unique_id "aiRYPci7y2s1S818BIPJeAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
SSH-Admin
2026-02-07 17:12:28
(5 months ago)
Probing for Exploits
Exploited Host
Web App Attack
๐ซ๐ท
masterguru
2026-01-24 19:00:19
(5 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 36 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ซ๐ท
masterguru
2026-01-20 20:06:42
(5 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 36 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ซ๐ท
masterguru
2026-01-18 08:40:49
(5 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 36 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ซ๐ท
masterguru
2026-01-13 20:58:48
(6 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 36 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐ซ๐ท
masterguru
2026-01-07 06:53:45
(6 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 36 ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 83.97.117.197 (FI/Finland/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐จ๐ฆ
SSH-Admin
2025-12-27 13:45:08
(6 months ago)
Probing for Exploits
Exploited Host
Web App Attack
๐จ๐ญ
backslash
2025-12-05 19:20:09
(7 months ago)
block ruleset 486D2EE5E731CC049D1E480D68D04DFFE28AADF1
Bad Web Bot
๐ช๐ธ
10dencehispahard SL
2025-12-03 08:06:38
(7 months ago)
Wordpress probing for vulnerabilities
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2025-06-05 09:55:01
(1 year ago)
(mod_security) mod_security (id:217200) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:217200) triggered by 83.97.117.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 05 05:54:56.445889 2025] [security2:error] [pid 2086366:tid 2086366] [client 83.97.117.197:42897] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header||nextlevelcharge.com|F|2"] [data "/xmlrpc.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "nextlevelcharge.com"] [uri "/xmlrpc.php"] [unique_id "aEFpcKl4_-JYphNAREJKYgAAAAQ"], referer: https://nextlevelcharge.com/
show less
Brute-Force
Bad Web Bot
Web App Attack