๐บ๐ธ
TPI-Abuse
2026-02-13 19:02:36
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 14:02:32.374804 2026] [security2:error] [pid 4956:tid 4956] [client 156.239.219.154:34954] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||insidepublications.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "insidepublications.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aY91SJs-9vHSCIbxjrfqzAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-06 10:25:15
(5 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 05:25:08.139283 2026] [security2:error] [pid 809:tid 809] [client 156.239.219.154:29636] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.realclean.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.realclean.net"] [uri "/wp-login.php"] [unique_id "aYXBhDjkOzS0nLg0QDc5_wAAABA"], referer: http://realclean.net/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-26 20:18:58
(5 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 15:18:53.514901 2026] [security2:error] [pid 18029:tid 18029] [client 156.239.219.154:19204] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.67ronin.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.67ronin.com"] [uri "/wp-login.php"] [unique_id "aXfMLf9yxdzlJVnu79KfewAAABg"], referer: http://67ronin.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-02 06:36:10
(6 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 02 01:36:02.121201 2026] [security2:error] [pid 18165:tid 18165] [client 156.239.219.154:49982] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||jolankagroup.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jolankagroup.com"] [uri "/wp-login.php"] [unique_id "aVdnUg2bJvipdX04ea0yGwAAAAQ"], referer: http://jolankagroup.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Packets-Decreaser.NET
2025-12-31 00:57:56
(6 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐บ๐ธ
TPI-Abuse
2025-11-23 20:47:29
(7 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 15:47:25.608033 2025] [security2:error] [pid 18326:tid 18326] [client 156.239.219.154:12261] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||iconconstructors.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "iconconstructors.com"] [uri "/wp-login.php"] [unique_id "aSNy3TFBV1xvkT9WFROt2QAAAAM"], referer: http://iconconstructors.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-23 04:25:33
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 22 23:25:29.417374 2025] [security2:error] [pid 31154:tid 31154] [client 156.239.219.154:20795] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||barigby.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "barigby.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aSKMucYEVaiPCQsYfQ1digAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-20 09:21:08
(7 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 20 04:21:02.531598 2025] [security2:error] [pid 27952:tid 27952] [client 156.239.219.154:38063] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||persnicketyinc.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "persnicketyinc.com"] [uri "/wp-login.php"] [unique_id "aR7dfpn5gLN4AasoAzq8RQAAAA4"], referer: http://persnicketyinc.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-17 19:07:14
(8 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 17 14:07:09.403781 2025] [security2:error] [pid 2750:tid 2750] [client 156.239.219.154:28895] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||corporatepresentation.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "corporatepresentation.net"] [uri "/wp-login.php"] [unique_id "aRtyXcoDiGlwce6XS2DC8wAAAAM"], referer: http://corporatepresentation.net/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2025-10-22 07:45:13
(8 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
Anonymous
2025-08-01 00:18:32
(11 months ago)
Attempted brute force login to web vpn 2 time(s); last attempt for 2025.08.01 is noted in report tim ...
show more
Attempted brute force login to web vpn 2 time(s); last attempt for 2025.08.01 is noted in report timestamp
show less
Hacking
Brute-Force
Anonymous
2025-07-31 16:56:45
(11 months ago)
Attempted brute force login to web vpn 5 time(s); last attempt for 2025.07.31 is noted in report tim ...
show more
Attempted brute force login to web vpn 5 time(s); last attempt for 2025.07.31 is noted in report timestamp
show less
Hacking
Brute-Force
๐จ๐ญ
backslash
2025-07-19 14:25:04
(11 months ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฎ๐ณ
wizard1411
2025-06-14 16:56:27
(1 year ago)
DDoS and brute force activity detected
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2025-06-07 00:09:15
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.239.219.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 06 20:09:07.624704 2025] [security2:error] [pid 606109:tid 606109] [client 156.239.219.154:13285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||siczewicz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "siczewicz.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aEODIz9XLSGjiVjhLKBAMgAAAA0"], referer: https://siczewicz.com
show less
Brute-Force
Bad Web Bot
Web App Attack