๐บ๐ธ
TPI-Abuse
2026-07-02 22:27:47
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 18:27:41.818206 2026] [security2:error] [pid 4765:tid 4777] [client 212.119.41.176:63669] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cjherbalremedies.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cjherbalremedies.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akbl3ThN1hma4b0J9j1fGQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
JimArchon72
2026-06-16 04:20:02
(3 weeks ago)
2026/06/16 04:15:29 "GET /wp-login.php?action=register HTTP/1.1"
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-11 22:50:40
(3 weeks ago)
(mod_security) mod_security (id:210350) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 18:50:32.079512 2026] [security2:error] [pid 32539:tid 32539] [client 212.119.41.176:25947] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||hawaiivacations.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "hawaiivacations.com"] [uri "/"] [unique_id "ais7uBsHTN_GcEFNi6PEhwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
JimArchon72
2026-04-15 07:30:02
(2 months ago)
2026/04/15 07:27:03 "POST /wp-login.php HTTP/1.1"
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-27 21:11:34
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 16:11:28.426531 2026] [security2:error] [pid 988:tid 1024] [client 212.119.41.176:46137] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rubenluis.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rubenluis.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaIIgIhzs6xpG-svYvMnywAAAFY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nowyouknow
2026-02-15 00:26:52
(4 months ago)
(From [email protected] ) Hi Team,
AI is compressing operating costs and sales cycles right n ...
show more
(From [email protected] ) Hi Team,
AI is compressing operating costs and sales cycles right now, teams that donโt automate will fall behind this year. We deploy tailored AI workflows (CRM updates, scheduling, invoicing, reporting) so you see productivity gains immediately.
Take advantage of automation before competition: (305) 697-6875
show less
Phishing
Web Spam
๐บ๐ธ
TPI-Abuse
2025-12-05 02:24:10
(7 months ago)
(mod_security) mod_security (id:210350) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210350) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:24:04.436460 2025] [security2:error] [pid 18344:tid 18344] [client 212.119.41.176:26503] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||walkerweb.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "walkerweb.com"] [uri "/"] [unique_id "aTJCRFaYCZutWzru9SPFagAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-10-21 06:52:00
(8 months ago)
"Undesired, excess traffic against library/education infrastructure"
Brute-Force
Anonymous
2025-08-22 11:48:49
(10 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐จ๐ญ
backslash
2025-05-10 04:56:43
(1 year ago)
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-05-06 04:51:01
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 00:50:48.651620 2025] [security2:error] [pid 586991:tid 586991] [client 212.119.41.176:19013] [client 212.119.41.176] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vitalitywebb.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Bailey/Thumbs.db"] [unique_id "aBmVKP1Xj1jHiwUt4t7QkQAAACk"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Bailey/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-05 10:05:39
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 212.119.41.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 05 05:05:32.804438 2025] [security2:error] [pid 44212:tid 44212] [client 212.119.41.176:39951] [client 212.119.41.176] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vitalitywebb.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Hudson II/Thumbs.db"] [unique_id "Z8gh7EXN4DhCdjLH86yg7gAAAAY"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Hudson%20II/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2024-11-01 02:05:17
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-10-31 17:53:29
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐จ๐ฆ
wil.com
2024-09-25 10:47:50
(1 year ago)
GlobalProtect login attempts with user istokes.
VPN IP
Brute-Force