๐บ๐ธ
TPI-Abuse
2026-07-01 02:40:48
(20 hours ago)
(mod_security) mod_security (id:240000) triggered by 185.132.186.4 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 185.132.186.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 22:40:43.764479 2026] [security2:error] [pid 29941:tid 29941] [client 185.132.186.4:35303] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||kurikka.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "kurikka.net"] [uri "/images/stories/themes.php"] [unique_id "akR-K5lP90l6FHaaDHN6GwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-06-30 19:52:21
(1 day ago)
(wordpress) Failed wordpress login from 185.132.186.4 (-)
Brute-Force
๐ซ๐ท
Kenshin869
2026-06-23 22:20:24
(1 week ago)
Wordpress unauthorized access attempt
Brute-Force
๐ซ๐ท
dynamix
2026-06-09 22:19:48
(3 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 07:20:02
(3 weeks ago)
(mod_security) mod_security (id:240000) triggered by 185.132.186.4 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 185.132.186.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:19:57.688586 2026] [security2:error] [pid 11917:tid 11917] [client 185.132.186.4:49387] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "87"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||fitzmail.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "fitzmail.com"] [uri "/images/stories/themes.php"] [unique_id "aiZtHR7BG7sswy_LuboEiAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
sms.ru
2026-06-06 07:42:44
(3 weeks ago)
/wp-admin/js/index.php
Web App Attack
๐ซ๐ท
Octopuce
2026-06-05 23:39:27
(3 weeks ago)
Aggressive web search of vulnerable pages: /wp-content/themes/twentyfive/include.php /wp-includes/cs ...
show more
Aggressive web search of vulnerable pages: /wp-content/themes/twentyfive/include.php /wp-includes/css/about.php /cgi-bin/install.php /wp-conten ...
show less
Web App Attack
๐ฟ๐ฆ
simon boshoff
2026-06-03 09:06:33
(4 weeks ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
๐ฉ๐ช
4server
2026-05-23 07:22:37
(1 month ago)
[SatMay2309:22:33.4017342026][security2:error][pid644552:tid644622][client185.132.186.4:0]ModSecurit ...
show more
[SatMay2309:22:33.4017342026][security2:error][pid644552:tid644622][client185.132.186.4:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"studio-portale.ch\"][uri\"/xmlrpc.php\"][unique_id\"ahFVuSubtMAObd1HBMqwowAAAIk\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-23 06:52:50
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 185.132.186.4 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 185.132.186.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 02:52:46.663478 2026] [security2:error] [pid 8718:tid 8718] [client 185.132.186.4:64189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.coyotebytes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.coyotebytes.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ahFOvpRiMJ6epMAE9HINAwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-02-23 17:06:36
(4 months ago)
Request Overload (190)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 20:06:39
(4 months ago)
(mod_security) mod_security (id:240000) triggered by 185.132.186.4 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 185.132.186.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 15:06:32.175386 2026] [security2:error] [pid 32127:tid 32127] [client 185.132.186.4:44771] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "87"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||sscsco.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "sscsco.com"] [uri "/images/stories/themes.php"] [unique_id "aZthyOTPtAOnTYoGZcQVFQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-02-14 23:35:29
(4 months ago)
wordpress-trap
Web App Attack
๐ณ๐ฑ
maxxsense
2026-02-03 23:10:55
(4 months ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 185.132.186.4 (ZA/South ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 185.132.186.4 (ZA/South Africa/-)
show less
Port Scan
๐ฉ๐ช
findlab
2026-01-22 02:00:13
(5 months ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack