๐บ๐ธ
TPI-Abuse
2026-06-10 20:37:48
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:37:24.724411 2026] [security2:error] [pid 8502:tid 8502] [client 146.19.39.212:43155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.csm-dtc.com"] [uri "/wp-config.php.txt"] [unique_id "ainLBOR9pwNzf59cJsp9xwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-29 15:24:16
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 11:24:12.581178 2026] [security2:error] [pid 22379:tid 22379] [client 146.19.39.212:24803] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||slimlaw.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "slimlaw.com"] [uri "/s3cmd.ini"] [unique_id "afIinMM2QUYcj5dPQEsXPAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-04-29 14:35:06
(2 months ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 146.19.39.212 (US/United States/-): 1 ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 146.19.39.212 (US/United States/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-04-29 10:57:52
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 06:57:46.475718 2026] [security2:error] [pid 20257:tid 20257] [client 146.19.39.212:41669] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.cyberv.info.networkmediasoftware.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cyberv.info.networkmediasoftware.com"] [uri "/s3cmd.ini"] [unique_id "afHkKkp3bOnMakF9A9vfcQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-27 06:32:07
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 02:32:03.956370 2026] [security2:error] [pid 23022:tid 23022] [client 146.19.39.212:23149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.corangues.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.corangues.com"] [uri "/s3cmd.ini"] [unique_id "ae8C4zpoN31kba_MCOF2BQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-04-26 08:48:25
(2 months ago)
High error rate and elevated request volume targeting cPanel servers
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-04-26 04:48:29
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 00:48:24.399286 2026] [security2:error] [pid 14891:tid 14891] [client 146.19.39.212:11233] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.eboredom.net|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.eboredom.net"] [uri "/s3cmd.ini"] [unique_id "ae2ZGAg0JRgy0ElO2Ri9ogAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-26 03:40:16
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 146.19.39.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 23:40:10.684540 2026] [security2:error] [pid 20246:tid 20246] [client 146.19.39.212:19663] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.conversationtalentnetwork.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.conversationtalentnetwork.com"] [uri "/s3cmd.ini"] [unique_id "ae2JGpGUJEUuiCBIWLcyaQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Skyrider
2026-03-17 11:39:51
(3 months ago)
146.19.39.212 - - [17/Mar/2026:12:39:47 +0100] "POST /xmlrpc.php HTTP/2.0" 404 114 "-" "Apache-HttpC ...
show more
146.19.39.212 - - [17/Mar/2026:12:39:47 +0100] "POST /xmlrpc.php HTTP/2.0" 404 114 "-" "Apache-HttpClient/4.5.13 (Java/11.0.30)"
146.19.39.212 - - [17/Mar/2026:12:39:48 +0100] "GET /wp-login.php HTTP/2.0" 404 178 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
146.19.39.212 - - [17/Mar/2026:12:39:49 +0100] "GET /wp-login.php HTTP/2.0" 404 178 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
146.19.39.212 - - [17/Mar/2026:12:39:50 +0100] "GET /wp-admin.php HTTP/2.0" 404 178 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
146.19.39.212 - - [17/Mar/2026:12:39:51 +0100] "GET /wp-json/wp/v2/users HTTP/2.0" 404 178 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐ฌ๐ง
catalink.com
2026-03-13 19:51:43
(3 months ago)
Brute forcing Wordpress login
Exploited Host
Web App Attack
๐ฉ๐ช
Packets-Decreaser.NET
2025-11-17 16:50:45
(7 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐จ๐ณ
ThreatBook.io
2025-04-30 22:50:11
(1 year ago)
2025-04-30 04:54:37 /+CSCOE+/logon.html
Web App Attack
Anonymous
2025-03-31 11:21:15
(1 year ago)
This IP was involved in an brute force and password spray attack on 2025/03/31 06:19:29
Port Scan
Brute-Force
Exploited Host
Web App Attack
Anonymous
2025-03-28 09:49:28
(1 year ago)
This IP was involved in an brute force and password spray attack on 2025/03/28 04:46:04
Port Scan
Brute-Force
Exploited Host
Web App Attack