๐ฉ๐ช
juutis
2026-06-16 12:22:38
(2 weeks ago)
Multiple WAF abuses - IP blocked
Hacking
Brute-Force
Web App Attack
๐ณ๐ฑ
ParaBug
2026-06-16 11:38:50
(2 weeks ago)
144.172.105.121 - - [16/Jun/2026:13:38:49 +0200] "GET /wp-config.php_ HTTP/1.1" 301 500 "-" "Python- ...
show more
144.172.105.121 - - [16/Jun/2026:13:38:49 +0200] "GET /wp-config.php_ HTTP/1.1" 301 500 "-" "Python-urllib/2.7"
...
show less
Phishing
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 10:56:33
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 144.172.105.121 (121.105.172.144.static.cloudzy ...
show more
(mod_security) mod_security (id:210492) triggered by 144.172.105.121 (121.105.172.144.static.cloudzy.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 06:56:29.083915 2026] [security2:error] [pid 11355:tid 11489] [client 144.172.105.121:57469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mykfccares.com"] [uri "/wp-config.php_"] [unique_id "ajEr3fYCyKWX0T8ajT0aUAAAAFQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 07:04:11
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 144.172.105.121 (121.105.172.144.static.cloudzy ...
show more
(mod_security) mod_security (id:210492) triggered by 144.172.105.121 (121.105.172.144.static.cloudzy.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 03:04:03.125337 2026] [security2:error] [pid 18408:tid 18408] [client 144.172.105.121:63082] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.easy2surf.com"] [uri "/wp-config.php_"] [unique_id "ajD1YwnhvxOUOB1p2Y9blQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฏ๐ต
beon
2026-06-16 02:35:02
(2 weeks ago)
[DateTime=>2026-06-16T02:35:02Z (UTC)] , [HoneyPot_Hit=>once] , [HoneyPot=>/wp-config.php_] , [total ...
show more
[DateTime=>2026-06-16T02:35:02Z (UTC)] , [HoneyPot_Hit=>once] , [HoneyPot=>/wp-config.php_] , [total_Hit=>once] , [Keyword=>WordPress]
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 02:00:00
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 2002:90ac:6979::90ac:6979 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2002:90ac:6979::90ac:6979 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 21:59:52.873588 2026] [security2:error] [pid 3462:tid 3462] [client 2002:90ac:6979::90ac:6979:52981] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bacpool.com"] [uri "/wp-config.php_"] [unique_id "ajCuGMc3ry4eUFD5Db0_VwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
strxmpp
2026-06-16 01:02:27
(2 weeks ago)
144.172.105.121 - - [16/Jun/2026:03:02:26 +0200] "GET /wp-config.php_ HTTP/1.1" 301 614 "-" "Python- ...
show more
144.172.105.121 - - [16/Jun/2026:03:02:26 +0200] "GET /wp-config.php_ HTTP/1.1" 301 614 "-" "Python-urllib/2.7"
...
show less
Bad Web Bot
Anonymous
2026-06-16 00:58:13
(2 weeks ago)
Web attack blocked by Wordfence on mergel.nu (1 hit). Reported by CRMON.
Web App Attack
๐บ๐ธ
nyt
2026-06-16 00:57:52
(2 weeks ago)
WP Config Probe
Web App Attack
๐บ๐ธ
mnsf
2026-06-16 00:23:51
(2 weeks ago)
Abuse Detected (3)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 23:55:47
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 144.172.105.121 (121.105.172.144.static.cloudzy ...
show more
(mod_security) mod_security (id:210492) triggered by 144.172.105.121 (121.105.172.144.static.cloudzy.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:55:39.861597 2026] [security2:error] [pid 4875:tid 4875] [client 144.172.105.121:65430] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billswilliams.com"] [uri "/wp-config.php_"] [unique_id "ajCQ-zTiw6zeE_ntH62yLQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-15 22:05:13
(2 weeks ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=4
Hacking
๐ฉ๐ช
LRob
2026-06-15 21:45:04
(2 weeks ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐ธ๐ช
SkyDancer
2026-06-15 20:23:44
(2 weeks ago)
Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blo ...
show more
Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blocked by SkyDancer Ai(web-X).
show less
Hacking
Brute-Force
๐จ๐ญ
4server
2026-06-15 18:32:31
(2 weeks ago)
[MonJun1520:32:24.5430522026][security2:error][pid256123:tid256352][client2002:90ac:6979::90ac:6979: ...
show more
[MonJun1520:32:24.5430522026][security2:error][pid256123:tid256352][client2002:90ac:6979::90ac:6979:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Matchof\"rx\(\^w3c-\|systran\\\\\\\\\)\)\"against\"REQUEST_HEADERS:User-Agent\"required.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"218\"][id\"331039\"][rev\"1\"][msg\"Atomicorp.comWAFRules:SuspiciousUnusualUserAgent\(Python-urllib\).DisablethisruleifyouusePython-urllib.\"][severity\"CRITICAL\"][hostname\"hosting-domini.ch\"][uri\"/Search-Replace-DB-master/\"][unique_id\"ajBFOJUPOws2izu2oKwnLQAAANQ\"]
show less
Hacking
Web App Attack