๐บ๐ธ
TPI-Abuse
2026-06-11 11:18:01
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:17:57.137691 2026] [security2:error] [pid 29388:tid 29396] [client 140.235.171.177:10721] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.geoception.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.geoception.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiqZZXJAIe-WP2qsgniK9AAAAIY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Oakley
2026-06-02 05:09:10
(1 month ago)
(mod_security) mod_security (id:900177) triggered by 140.235.171.177 (US/United States/-): 5 in the ...
show more
(mod_security) mod_security (id:900177) triggered by 140.235.171.177 (US/United States/-): 5 in the last 900 secs
show less
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-22 14:01:25
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 10:01:13.416651 2026] [security2:error] [pid 20100:tid 20100] [client 140.235.171.177:18917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bzbdesigns.com"] [uri "/wp-config.php.dist"] [unique_id "ahBhqb_GRG7AevdpQHLGGgAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 13:43:26
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 09:43:21.013567 2026] [security2:error] [pid 29953:tid 29953] [client 140.235.171.177:30919] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barigby.com"] [uri "/wp-config.php.orig"] [unique_id "ahBdeT-B4YWNVSYBT2K9twAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 16:11:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:11:19.161756 2026] [security2:error] [pid 12998:tid 12998] [client 140.235.171.177:40333] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abundancecompany.com"] [uri "/wp-config.php~"] [unique_id "ag3dJ7cf786k0Eqa1xgLPgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 13:25:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 09:25:00.767705 2026] [security2:error] [pid 8796:tid 8796] [client 140.235.171.177:39403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "passy.us"] [uri "/wp-config.php.bak"] [unique_id "ag22LLjpLqkgX-bs09gCLwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 12:12:11
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.177 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 08:12:07.403113 2026] [security2:error] [pid 28954:tid 28954] [client 140.235.171.177:22381] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americanureport.com"] [uri "/wp-config.php.dist"] [unique_id "ag2lFxxmcci4cYWSkoFehgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
COMAITE
2026-05-16 07:53:52
(1 month ago)
Suspicious URL access.
Web App Attack
๐บ๐ธ
mnsf
2026-05-15 15:05:22
(1 month ago)
Scanning/Probing (34)
Brute-Force
Web App Attack
๐ง๐ช
voormedia
2026-05-02 11:58:23
(2 months ago)
Accessed trap at '/wp-login.php'
Web App Attack
๐บ๐ธ
antlac1
2026-04-17 02:15:50
(2 months ago)
crowdsecurity/http-probing
Brute-Force
Web App Attack
๐ฉ๐ช
LRob
2026-04-16 17:45:11
(2 months ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
Anonymous
2026-03-18 10:30:39
(3 months ago)
Aggressive web scan
Web App Attack
๐ฒ๐น
Malta
2026-02-14 01:36:06
(4 months ago)
140.235.171.177 - - [14/Feb/2026:02:36:05 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows ...
show more
140.235.171.177 - - [14/Feb/2026:02:36:05 +0100] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
show less
VPN IP
Hacking
Web App Attack
Anonymous
2026-02-01 06:52:25
(5 months ago)
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.02.01 is noted in report tim ...
show more
Attempted brute force login to web vpn 1 time(s); last attempt for 2026.02.01 is noted in report timestamp
show less
Hacking
Brute-Force