๐ฌ๐ง
seniorlinuxadmin
2026-05-01 00:59:55
(1 month ago)
140.235.171.199 - - [01/May/2026:01:59:52 +0100] "GET /.aws/credentials HTTP/1.1" 404 158 "-" "Mozil ...
show more
140.235.171.199 - - [01/May/2026:01:59:52 +0100] "GET /.aws/credentials HTTP/1.1" 404 158 "-" "Mozilla/5.0 (Linux; Android 9; SM-N950U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.89 Mobile Safari/537.36"
show less
Port Scan
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-03-25 21:07:24
(3 months ago)
(wp_login_try) srv101 WP Login Attempt 140.235.171.199 (US/United States/-): 10 in the last 3600 sec ...
show more
(wp_login_try) srv101 WP Login Attempt 140.235.171.199 (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-13 00:47:38
(3 months ago)
(mod_security) mod_security (id:210350) triggered by 140.235.171.199 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 140.235.171.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 12 20:47:17.704322 2026] [security2:error] [pid 17346:tid 17353] [client 140.235.171.199:45497] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.rpiusa.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.rpiusa.net"] [uri "/index2/services"] [unique_id "abNelS5qD1a-0UnQ_yv2LwAAAIU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
Cognisant-Security
2026-03-10 14:57:00
(3 months ago)
Attempting to log in using invalid credentials
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-03-06 18:13:25
(3 months ago)
(mod_security) mod_security (id:210350) triggered by 140.235.171.199 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 140.235.171.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 06 13:13:20.312457 2026] [security2:error] [pid 16174:tid 16174] [client 140.235.171.199:62369] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||primacomm.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "primacomm.com"] [uri "/"] [unique_id "aasZQHllJEQLqk8NVs5QIQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Packets-Decreaser.NET
2025-12-10 14:34:53
(6 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐บ๐ธ
TPI-Abuse
2025-11-14 08:40:31
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 140.235.171.199 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 140.235.171.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 14 03:40:27.540285 2025] [security2:error] [pid 6034:tid 6034] [client 140.235.171.199:23843] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||andrsn.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "andrsn.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aRbq-7nxwun7o4FgNi4uaAAAAA8"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack