๐บ๐ธ
TPI-Abuse
2026-02-12 09:16:04
(5 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 04:15:55.390409 2026] [security2:error] [pid 828280:tid 828280] [client 156.239.222.226:30002] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.passy.us|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.passy.us"] [uri "/wp-login.php"] [unique_id "aY2aSzSpNW83LESSd3dZFgAAAAQ"], referer: http://passy.us/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-02-04 17:52:17
(5 months ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer
... [wa01]
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-01-12 07:07:32
(6 months ago)
Web password guessing
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-01-07 22:23:48
(6 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 17:23:44.277457 2026] [security2:error] [pid 23659:tid 23659] [client 156.239.222.226:11504] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.nekstlevel.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.nekstlevel.com"] [uri "/wp-login.php"] [unique_id "aV7c8A5ODotrZ-Sd8yD1kAAAAAY"], referer: https://www.nekstlevel.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Packets-Decreaser.NET
2025-12-31 00:57:35
(6 months ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
๐ฆ๐บ
MAGIC
2025-12-19 00:02:54
(6 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-12-17 12:49:23
(6 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 17 07:49:19.899734 2025] [security2:error] [pid 11538:tid 11538] [client 156.239.222.226:16038] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||campnecon.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "campnecon.com"] [uri "/wp-login.php"] [unique_id "aUKmz4b4t7LhAmU-CxHvsAAAAAM"], referer: http://campnecon.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-19 06:11:36
(7 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 19 01:11:31.325226 2025] [security2:error] [pid 27246:tid 27246] [client 156.239.222.226:42567] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||carolinafootprints.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "carolinafootprints.com"] [uri "/wp-login.php"] [unique_id "aR1fkxc9Aoyz67K-TYQMrAAAABg"], referer: https://carolinafootprints.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-18 20:07:10
(7 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 18 15:07:02.966829 2025] [security2:error] [pid 2028:tid 2028] [client 156.239.222.226:27825] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||harwoodmechanical.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "harwoodmechanical.com"] [uri "/wp-login.php"] [unique_id "aRzR5jDj0Kj41lP4TJSYZQAAABQ"], referer: https://harwoodmechanical.com/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-18 10:55:33
(7 months ago)
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 156.239.222.226 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 18 05:55:30.195366 2025] [security2:error] [pid 15384:tid 15384] [client 156.239.222.226:10003] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||lcoor.org|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "lcoor.org"] [uri "/wp-login.php"] [unique_id "aRxQojzlz4x3mHGo5ryHDwAAAAY"], referer: https://lcoor.org/wp-login.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
F242
2025-11-14 14:55:15
(8 months ago)
Wordpress Login or XMLRPC abuse
Web App Attack
๐ฎ๐ณ
wizard1411
2025-06-15 03:20:14
(1 year ago)
DDoS and brute force activity detected
Brute-Force
SSH
๐บ๐ธ
inspectorgdgt
2025-04-12 22:48:38
(1 year ago)
Multiple failed SSL VPN login attempts from 156.239.222.226
Brute-Force
๐จ๐ญ
backslash
2025-04-09 06:25:05
(1 year ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot