๐ซ๐ฎ
JimArchon72
2026-07-03 02:05:01
(4 days ago)
2026/07/03 02:02:48 "GET /wp-login.php?action=register HTTP/1.1"
Web App Attack
๐ณ๐ฟ
Tripwire
2026-07-02 12:44:36
(4 days ago)
Wordpress login attempts
Brute-Force
Web App Attack
Anonymous
2026-05-24 12:16:38
(1 month ago)
140.235.171.35 - - [24/May/2026:12:16:37 +0000] "GET /.env.local HTTP/1.1" 404 44394 "-" "Mozilla/5. ...
show more
140.235.171.35 - - [24/May/2026:12:16:37 +0000] "GET /.env.local HTTP/1.1" 404 44394 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 13:05:35
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 09:05:30.330689 2026] [security2:error] [pid 10213:tid 10233] [client 140.235.171.35:54629] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reghay.com"] [uri "/wp-config.php.orig"] [unique_id "ahBUmqFB2nVRXNUXTt2SlAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 11:55:34
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 07:55:28.240482 2026] [security2:error] [pid 16922:tid 16922] [client 140.235.171.35:25861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "websitesforauthors.design"] [uri "/wp-config.php.dist"] [unique_id "ahBEMO-av4Se8IKVDhj1DwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-21 17:20:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 13:20:22.954937 2026] [security2:error] [pid 2230:tid 2230] [client 140.235.171.35:28131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lenorasflowers.lahamradio.com"] [uri "/wp-config.txt"] [unique_id "ag8-1ugSEYp-2nxkL9EdWgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 20:15:38
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:15:33.441719 2026] [security2:error] [pid 12127:tid 12127] [client 140.235.171.35:54631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sharonmauldin.com"] [uri "/wp-config.php.save"] [unique_id "ag4WZV9pfpDffpi1nfIcRQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 16:25:42
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 12:25:37.141479 2026] [security2:error] [pid 5215:tid 5221] [client 140.235.171.35:42965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "culturallyyours.lamco.us"] [uri "/wp-config.php.orig"] [unique_id "ag3ggZFCf_iRIFpi0OSjnwAAAME"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 12:07:42
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 08:07:38.300183 2026] [security2:error] [pid 3092:tid 3092] [client 140.235.171.35:11281] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.jonleefamily.brushmileage.org|F|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.jonleefamily.brushmileage.org"] [uri "/wp-config.inc"] [unique_id "ag2kChhNhmwv7-mc7M2_ngAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Apache
2026-05-16 18:00:08
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (US/United States/-): 5 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 140.235.171.35 (US/United States/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-30 02:00:26
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 22:00:21.371655 2026] [security2:error] [pid 2732:tid 2737] [client 140.235.171.35:15417] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sandiegosamband.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sandiegosamband.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afK3tRnhIQ89Nt5Pvs3xzwAAAEE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-27 22:56:03
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 18:55:57.800868 2026] [security2:error] [pid 27289:tid 27289] [client 140.235.171.35:60453] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||glassclublake.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "glassclublake.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae_pfXtViFBOYSNq47oMRwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-27 11:06:46
(2 months ago)
140.235.171.35 - - [27/Apr/2026:13:06:46 +0200] "GET /wp-json/wp/v2/users HTTP/2.0" 301 169 "-" "Go- ...
show more
140.235.171.35 - - [27/Apr/2026:13:06:46 +0200] "GET /wp-json/wp/v2/users HTTP/2.0" 301 169 "-" "Go-http-client/2.0"
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-04-27 10:59:40
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 06:59:35.630218 2026] [security2:error] [pid 17466:tid 17466] [client 140.235.171.35:32803] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||firstunitedreserve.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "firstunitedreserve.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae9Blw4Bsx4TsIQo67oMmQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-26 04:41:08
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 140.235.171.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 00:41:04.170575 2026] [security2:error] [pid 3987:tid 3987] [client 140.235.171.35:15139] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||barkatthemoonpetsitting.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "barkatthemoonpetsitting.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae2XYDxS42PqFUnY7-_5NQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack