๐ฆ๐บ
paulshipley.com.au
2026-07-19 08:38:51
(2 hours ago)
[Sun Jul 19 18:38:50.674685 2026] [security2:error] [pid 889924] [client 130.193.15.79:52594] [clien ...
show more
[Sun Jul 19 18:38:50.674685 2026] [security2:error] [pid 889924] [client 130.193.15.79:52594] [client 130.193.15.79] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stkildashule.org.au"] [uri "/"] [unique_id "alyNGs7sItqscxiR6kG_QwAAAAA"]
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-19 05:04:20
(6 hours ago)
(mod_security) mod_security (id:225170) triggered by 130.193.15.79 (vps121143.cloud-anywhere.eu): 1 ...
show more
(mod_security) mod_security (id:225170) triggered by 130.193.15.79 (vps121143.cloud-anywhere.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 19 01:04:16.131570 2026] [security2:error] [pid 12713:tid 12713] [client 130.193.15.79:55890] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||coyotebytes.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coyotebytes.net"] [uri "/wp-json/wp/v2/users"] [unique_id "alxa0NRSpkx5pvdtouxtewAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
convos
2026-07-17 18:33:28
(1 day ago)
Auto-blocked by IT Solutions USA security proxy after malicious web-shell/backdoor scanning and atta ...
show more
Auto-blocked by IT Solutions USA security proxy after malicious web-shell/backdoor scanning and attack probes. Requests blocked (403).
show less
Web App Attack
Hacking
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-16 19:53:08
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 130.193.15.79 (vps121143.cloud-anywhere.eu): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 130.193.15.79 (vps121143.cloud-anywhere.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:53:03.260112 2026] [security2:error] [pid 3409514:tid 3409514] [client 130.193.15.79:38398] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 130.193.15.79 (+1 hits since last alert)|barkatthemoonpetsitting.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "barkatthemoonpetsitting.com"] [uri "/xmlrpc.php"] [unique_id "alk2nw8qd91OLKvVPDfmhgAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 22:57:41
(4 days ago)
(mod_security) mod_security (id:210350) triggered by 130.193.15.79 (vps121143.cloud-anywhere.eu): 1 ...
show more
(mod_security) mod_security (id:210350) triggered by 130.193.15.79 (vps121143.cloud-anywhere.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 18:57:36.822283 2026] [security2:error] [pid 5566:tid 5566] [client 130.193.15.79:42888] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.varnadorefamily.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.varnadorefamily.com"] [uri "/login"] [unique_id "ala-4Md9sPjhEbNTFvn3iwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
solution.it
2026-07-13 13:52:43
(5 days ago)
[Mon Jul 13 15:52:43.093204 2026] [php7:error] [pid 137982:tid 137982] [client 130.193.15.79:38464] ...
show more
[Mon Jul 13 15:52:43.093204 2026] [php7:error] [pid 137982:tid 137982] [client 130.193.15.79:38464] script '/var/www/html/xmlrpc.php' not found or unable to stat
show less
Web App Attack
๐บ๐ธ
nowyouknow
2026-07-12 22:15:39
(6 days ago)
Phishing
Web Spam
Anonymous
2026-07-12 03:21:17
(1 week ago)
Web Spam
Anonymous
2026-07-10 17:46:20
(1 week ago)
Failed Wordpress Logins
Web App Attack
๐บ๐ธ
HamSammich
2026-07-09 04:11:36
(1 week ago)
Automated sensor: 1 HTTPS connection/probe attempts over the last 24h (latest 2026-07-09T04:11Z).
Brute-Force
Web App Attack
๐ฆ๐บ
dyln
2026-07-08 07:33:42
(1 week ago)
Dyls honeypot brute-force: proto8 (1 total hits)
Brute-Force
๐บ๐ธ
knock
2026-07-08 07:33:42
(1 week ago)
Knock-Knock honeypot brute-force: proto8 (1 total hits)
Brute-Force
๐ฉ๐ช
big-cloud.nl
2026-07-04 23:04:04
(2 weeks ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐ง๐ฌ
pa4080
2026-07-03 06:00:49
(2 weeks ago)
Detected by ModSecurity. Request URI: /.git/config
Web App Attack
Anonymous
2026-07-01 05:54:32
(2 weeks ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH