๐บ๐ธ
TPI-Abuse
2026-06-29 07:39:38
(4 hours ago)
(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 03:39:34.037053 2026] [security2:error] [pid 18466:tid 18466] [client 141.94.94.166:56678] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.barbaraehill.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.barbaraehill.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akIhNo3-ABPyYiplFtHWswAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-06-29 07:39:19
(4 hours ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐บ๐ธ
Lee Daniel
2026-06-29 07:21:04
(5 hours ago)
141.94.94.166 - - [29/Jun/2026:03:21:00 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1 ...
show more
141.94.94.166 - - [29/Jun/2026:03:21:00 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45711 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
141.94.94.166 - - [29/Jun/2026:03:21:00 -0400] "GET //website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45703 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
141.94.94.166 - - [29/Jun/2026:03:21:01 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45688 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
141.94.94.166 - - [29/Jun/2026:03:21:02 -0400] "GET //2018/wp-includes/wlwmanifest.xml HTTP/1.1" 404 45696 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
141.94.94.166 - - [29/Jun/2026:03:21:03 -0400] "GET //2019/wp-includes/wlwmani
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 01:30:14
(10 hours ago)
(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:30:11.083358 2026] [security2:error] [pid 5227:tid 5227] [client 141.94.94.166:58083] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jmichaelpope.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jmichaelpope.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akHKo9P8lKgKk-E9WNqQnAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
โจ
2026-06-29 01:17:21
(11 hours ago)
Domain : bangorfc.com
Rule : env
2026-06-29 00:52:17 W3SVC464 PLESK72 79.171.34.85 GET /wp/wp-includ ...
show more
Domain : bangorfc.com
Rule : env
2026-06-29 00:52:17 W3SVC464 PLESK72 79.171.34.85 GET /wp/wp-includes/wlwmanifest.xml - 443 - 141.94.94.166 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 - - bangorfc.com 404 0 2 9076 347 15 - -
show less
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-28 21:06:09
(15 hours ago)
(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:06:05.374406 2026] [security2:error] [pid 27921:tid 27921] [client 141.94.94.166:53466] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bamedica.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bamedica.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akGMvfOk_6jvrUIGGjmhlAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Dolphi
2026-06-28 19:30:02
(16 hours ago)
Excessive POST //wp-login.php requests
Brute-Force
Web App Attack
๐จ๐ญ
zynex
2026-06-28 18:18:40
(18 hours ago)
URL Probing: /news/wp-includes/wlwmanifest.xml
Web App Attack
๐ฉ๐ช
LRob.fr
2026-06-28 17:45:08
(18 hours ago)
Repeated attacks detected by Fail2Ban in recidive jail
Hacking
๐ฉ๐ช
LRob.fr
2026-06-28 17:30:05
(18 hours ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
Anonymous
2026-06-28 17:05:14
(19 hours ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=20
Hacking
๐ฉ๐ช
LRob.fr
2026-06-28 16:30:14
(19 hours ago)
Repeated 403 errors, blocked by Fail2ban in custom-403 jail
Bad Web Bot
๐ฉ๐ช
todix
2026-06-28 13:15:11
(23 hours ago)
Web App Attack Exploid from 141.94.94.166
Web App Attack
๐ฎ๐ช
Jim Keir
2026-06-28 10:32:38
(1 day ago)
2026-06-28 10:32:37 141.94.94.166 File scanning, blocking 141.94.94.166 for 5 minutes
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 07:38:11
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 141.94.94.166 (vps-e0dfe072.vps.ovh.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 03:38:05.721924 2026] [security2:error] [pid 12598:tid 12598] [client 141.94.94.166:61876] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.badconsultingllc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.badconsultingllc.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akDPXdW-7Jogi5aP6hwKVQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack