๐บ๐ธ
TPI-Abuse
2026-02-17 20:04:25
(5 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 15:04:20.840530 2026] [security2:error] [pid 31267:tid 31290] [client 156.239.221.166:29756] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||kettlehill.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "kettlehill.com"] [uri "/wp-login.php"] [unique_id "aZTJxHStOX_c0DZ5W9xkywAAABQ"], referer: https://kettlehill.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-13 03:09:59
(6 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 12 22:09:52.610068 2026] [security2:error] [pid 24260:tid 24260] [client 156.239.221.166:19204] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.abundancecompany.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.abundancecompany.com"] [uri "/wp-login.php"] [unique_id "aWW3gFij_40ZycD5YcICSQAAAAU"], referer: https://www.abundancecompany.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2026-01-11 02:06:53
(6 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฉ๐ช
Packets-Decreaser.NET
2025-12-31 00:58:57
(6 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐บ๐ธ
TPI-Abuse
2025-12-29 00:26:22
(6 months ago)
(mod_security) mod_security (id:225170) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 19:26:17.697796 2025] [security2:error] [pid 1043:tid 1043] [client 156.239.221.166:59876] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||carolinafootprints.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "carolinafootprints.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aVHKqWQo93EFwttlGhlqiAAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-23 18:35:31
(6 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 23 13:35:22.197569 2025] [security2:error] [pid 32081:tid 32081] [client 156.239.221.166:36650] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||primacomm.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "primacomm.com"] [uri "/wp-login.php"] [unique_id "aUrg6lxMHJBy9SLpkvZoxgAAAAE"], referer: https://primacomm.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-12-15 03:38:09
(7 months ago)
botnet
DDoS Attack
๐บ๐ธ
TPI-Abuse
2025-12-02 22:46:28
(7 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 02 17:46:19.762530 2025] [security2:error] [pid 9113:tid 9113] [client 156.239.221.166:18097] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.mfleetservice.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mfleetservice.com"] [uri "/wp-login.php"] [unique_id "aS9sOwBuSijuq8A6fO9-7QAAABA"], referer: http://mfleetservice.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-21 15:43:48
(7 months ago)
(mod_security) mod_security (id:225170) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 21 10:43:44.900910 2025] [security2:error] [pid 6000:tid 6000] [client 156.239.221.166:35839] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wave94.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wave94.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aSCIsKapYazpzNfedyNT3AAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-17 07:16:58
(8 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 17 02:16:51.950817 2025] [security2:error] [pid 3458:tid 3458] [client 156.239.221.166:10275] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||engineeringarts.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "engineeringarts.com"] [uri "/wp-login.php"] [unique_id "aRrL46XyCM65MKwg4F7D9gAAAAY"], referer: https://engineeringarts.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-16 18:39:06
(8 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 16 13:39:01.774030 2025] [security2:error] [pid 7310:tid 7310] [client 156.239.221.166:55721] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||blindshine.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "blindshine.com"] [uri "/wp-login.php"] [unique_id "aRoaRd7Nx66ukjBde_Qv1wAAAAQ"], referer: https://blindshine.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-14 09:44:58
(9 months ago)
(mod_security) mod_security (id:225170) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 156.239.221.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 14 05:44:53.808377 2025] [security2:error] [pid 1697:tid 1697] [client 156.239.221.166:25849] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||globalmappinginc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "globalmappinginc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aO4blTfwQpt9BmSLHFApGgAAAAE"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-07-31 20:38:44
(11 months ago)
Attempted brute force login to web vpn 3 time(s); last attempt for 2025.07.31 is noted in report tim ...
show more
Attempted brute force login to web vpn 3 time(s); last attempt for 2025.07.31 is noted in report timestamp
show less
Hacking
Brute-Force
๐ฎ๐ณ
wizard1411
2025-06-14 16:51:05
(1 year ago)
DDoS and brute force activity detected
Brute-Force
SSH
๐บ๐ธ
hostseries
2025-05-11 17:18:48
(1 year ago)
Brute-force cPanel Services
Brute-Force