Anonymous
2026-07-12 02:46:13
(7 hours ago)
Failed Wordpress Logins
Web App Attack
Anonymous
2026-07-10 17:46:21
(1 day ago)
Failed Wordpress Logins
Web App Attack
Anonymous
2026-07-09 14:15:07
(2 days ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐ฉ๐ช
s@ch@
2026-07-09 13:00:06
(2 days ago)
Jail: plesk-modsecurity | Web application attack (Plesk ModSecurity)
Web App Attack
๐ซ๐ฎ
6kilowatti
2026-07-09 12:46:58
(2 days ago)
135.181.202.88 - - [09/Jul/2026:15:46:57 +0300] "GET /graphql?password-protected=login&redirect_to=h ...
show more
135.181.202.88 - - [09/Jul/2026:15:46:57 +0300] "GET /graphql?password-protected=login&redirect_to=https%3A%2F%2Flvi-viitala.6kw.fi%2Fgraphql HTTP/1.1" 404 1678 "https://lvi-viitala.6kw.fi/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/150.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 12:36:12
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 135.181.202.88 (static.88.202.181.135.clients.y ...
show more
(mod_security) mod_security (id:210350) triggered by 135.181.202.88 (static.88.202.181.135.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 08:36:04.526192 2026] [security2:error] [pid 2799:tid 2799] [client 135.181.202.88:51114] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||fernfield.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "fernfield.com"] [uri "/wp-json/wp/v2/users/9"] [unique_id "ak-VtE3vziPzdDgytVCDkwAAAAU"], referer: https://fernfield.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 12:19:00
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 135.181.202.88 (static.88.202.181.135.clients.y ...
show more
(mod_security) mod_security (id:210350) triggered by 135.181.202.88 (static.88.202.181.135.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 08:18:54.202719 2026] [security2:error] [pid 3179:tid 3193] [client 135.181.202.88:53948] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.myrtlebeachdiet.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.myrtlebeachdiet.com"] [uri "/feed/"] [unique_id "ak-RrnpTUizw01L_Fj1N2wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 11:44:33
(2 days ago)
(mod_security) mod_security (id:210350) triggered by 135.181.202.88 (static.88.202.181.135.clients.y ...
show more
(mod_security) mod_security (id:210350) triggered by 135.181.202.88 (static.88.202.181.135.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 07:44:27.117361 2026] [security2:error] [pid 9769:tid 9769] [client 135.181.202.88:56470] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||stat-alliance.com|F|4"] [data "keep-alive, keep-alive"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "stat-alliance.com"] [uri "/feed/json/"] [unique_id "ak-Jm6xS_JfyeM7Oiz2WxAAAAAg"], referer: https://stat-alliance.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 09:30:20
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 135.181.202.88 (static.88.202.181.135.clients.y ...
show more
(mod_security) mod_security (id:225170) triggered by 135.181.202.88 (static.88.202.181.135.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:30:13.868041 2026] [security2:error] [pid 8719:tid 8719] [client 135.181.202.88:37296] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||inquisitivequincie.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "inquisitivequincie.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "ak9qJcmOadjA5lNyBk-BDwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
etu brutus
2026-07-09 09:28:35
(3 days ago)
135.181.202.88 has been banned for [WebApp Attack]
...
Hacking
Bad Web Bot
Web App Attack
๐ฆ๐บ
QT
2026-07-09 09:26:32
(3 days ago)
Unauthorised WordPress admin login attempted at 2026-07-09 19:26:30 +1000
Web App Attack
๐ฉ๐ช
london2038.com
2026-07-09 09:10:41
(3 days ago)
Probing for exploits
135.181.202.88 - - [09/Jul/2026:11:10:37 +0200] "GET /wp-login.php HTTP/2.0" 30 ...
show more
Probing for exploits
135.181.202.88 - - [09/Jul/2026:11:10:37 +0200] "GET /wp-login.php HTTP/2.0" 301 0 "-" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/150.0.0.0 Safari/537.36"
135.181.202.88 - - [09/Jul/2026:11:10:37 +0200] "POST /wp-login.php HTTP/2.0" 301 0 "https://v97746.<REDACTED>/wp-login.php" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/150.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack
๐ฉ๐ช
Hazzard
2026-07-09 09:01:26
(3 days ago)
(wordpress) Failed wordpress login from 135.181.202.88 (FI/Finland/Uusimaa/Helsinki/static.88.202.18 ...
show more
(wordpress) Failed wordpress login from 135.181.202.88 (FI/Finland/Uusimaa/Helsinki/static.88.202.181.135.clients.your-server.de/[redacted]): (CF_ENABLE)
show less
Brute-Force
๐ฌ๐ง
BRHosting
2026-07-09 08:55:02
(3 days ago)
Wordpress brute force attack for login credentials (eg xmlrc.php or wp-login.php)
Brute-Force
Web App Attack
๐ฌ๐ง
spamverify.com
2026-07-09 08:52:41
(3 days ago)
Honeypot Hit: WordPress Users
Web Spam
Blog Spam
Bad Web Bot
Web App Attack