๐บ๐ธ
ipblock.com
2026-07-02 16:06:00
(1 week ago)
IPBlock protected site ID [3192-af][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
slay3r9903
2026-07-01 18:37:35
(1 week ago)
IP address blocked by Cloudflare security rules due to suspicious activity and security violations.
Hacking
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-10 08:56:09
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 213.232.120.139 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.120.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 04:55:56.436440 2026] [security2:error] [pid 4733:tid 4733] [client 213.232.120.139:36595] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||gonzalez.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agBIHFgGCIurHuvUS5qx-gAAAAo"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 14:43:27
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 213.232.120.139 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.120.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 10:43:10.020131 2026] [security2:error] [pid 430:tid 430] [client 213.232.120.139:46961] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||brent23.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brent23.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ac0u_hfTOfbJ3v5ermo9GQAAABk"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 04:37:46
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 213.232.120.139 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 213.232.120.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 00:37:32.306604 2026] [security2:error] [pid 16676:tid 16676] [client 213.232.120.139:22457] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jolankagroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "actPjGPoS2oSyfbNJ6BrCwAAAAc"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
lp
2025-05-24 01:50:12
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 213.232.120.139
2025-05-24T03:26:41+0 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 213.232.120.139
2025-05-24T03:26:41+02:00 vpn Access-Reject 'dorisa' station: 213.232.120.139 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
๐จ๐ฟ
lp
2025-05-22 06:22:06
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 213.232.120.139
2025-05-22T06:49:12+0 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 213.232.120.139
2025-05-22T06:49:12+02:00 vpn Access-Reject 'donia' station: 213.232.120.139 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-09 10:57:19
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 213.232.120.139 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 213.232.120.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 09 06:57:04.880374 2025] [security2:error] [pid 2234728:tid 2234728] [client 213.232.120.139:55391] [client 213.232.120.139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.pushthemarketing.com"] [uri "/.env"] [unique_id "Z810AAjMyyh7GklbOF0q2QAAAAQ"], referer: https://tasamm.com/about/mmm96.html
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ผ
nansen su
2024-08-25 17:28:12
(1 year ago)
Firewall Web Interface Login fail: remip="213.232.120.139" user=test
Brute-Force
Exploited Host