๐ฆ๐บ
paulshipley.com.au
2026-07-06 07:25:01
(5 hours ago)
[Mon Jul 06 17:25:01.004140 2026] [security2:error] [pid 79175] [client 146.19.91.67:27293] [client ...
show more
[Mon Jul 06 17:25:01.004140 2026] [security2:error] [pid 79175] [client 146.19.91.67:27293] [client 146.19.91.67] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "whoson2day.com"] [uri "/robots.txt"] [unique_id "aktYTeHUbODHtkoJO6QV4gAAAAA"]
...
show less
Web App Attack
๐บ๐ธ
ambor
2026-07-04 23:57:39
(1 day ago)
Honeypot access: WordPress admin access attempt. Path: /wp-login.php
Brute-Force
Web App Attack
๐ซ๐ท
tilellit.pro
2026-06-28 08:00:24
(1 week ago)
Fail2Ban banned 146.19.91.67 for security violations in jail wp-armour. Log: 2026/06/28 08:00:24 [er ...
show more
Fail2Ban banned 146.19.91.67 for security violations in jail wp-armour. Log: 2026/06/28 08:00:24 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 146.19.91.67 | Target: wplogin" , client: 146.19.91.67, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐ซ๐ท
tilellit.pro
2026-06-25 17:49:02
(1 week ago)
Fail2Ban banned 146.19.91.67 for security violations in jail wp-armour. Log: 2026/06/25 17:49:01 [er ...
show more
Fail2Ban banned 146.19.91.67 for security violations in jail wp-armour. Log: 2026/06/25 17:49:01 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 146.19.91.67 | Target: wplogin" , client: 146.19.91.67, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php"
...
show less
Web Spam
๐จ๐ฟ
ptlab
2026-06-25 10:45:37
(1 week ago)
Detected wp_login attack from WP-host.
Hacking
Web App Attack
๐บ๐ธ
kosada.com
2026-06-24 20:24:14
(1 week ago)
Web password guessing
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-22 00:04:29
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 146.19.91.67 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 146.19.91.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 20:04:25.292248 2026] [security2:error] [pid 25018:tid 25018] [client 146.19.91.67:46151] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||anxo.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "anxo.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajh8CVpMzRYh0FAdzOWo7gAAAAA"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 20:00:34
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 146.19.91.67 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 146.19.91.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 16:00:29.944742 2026] [security2:error] [pid 19167:tid 19198] [client 146.19.91.67:26363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.projekmanagement.aafm.us"] [uri "/.git/config"] [unique_id "ahC13STGbne_T2OcY29nTAAAANQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 19:22:35
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 146.19.91.67 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 146.19.91.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 15:22:31.405024 2026] [security2:error] [pid 27850:tid 27850] [client 146.19.91.67:44019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "geauxcowboys.com"] [uri "/.git/config"] [unique_id "ahCs933kU3eAK4Wi5JWG_gAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-22 18:55:27
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 146.19.91.67 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 146.19.91.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 14:55:22.425905 2026] [security2:error] [pid 12541:tid 12541] [client 146.19.91.67:32447] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||wellness-mastery.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "wellness-mastery.com"] [uri "/s3cmd.ini"] [unique_id "ahCmmjYc2aghUwxkLGZ-cAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-05-21 22:40:40
(1 month ago)
1.037 requests with url.path *.git/*
Brute-Force
Bad Web Bot
๐ฉ๐ช
kjaerulff
2026-05-18 11:46:53
(1 month ago)
Failed Wordpress login using wp-login.php
Web App Attack
๐จ๐ฆ
lakered
2026-05-12 05:48:44
(1 month ago)
Honeypot Lakered: Nginx: Malicious proxy headers injection (spoofing attempt on direct connection) ( ...
show more
Honeypot Lakered: Nginx: Malicious proxy headers injection (spoofing attempt on direct connection) (Pattern: proxy_header_detected). IP automatically banned.
show less
Port Scan
Web App Attack
๐ฉ๐ช
bescared
2025-07-25 22:36:00
(11 months ago)
Malicious activity detected: Method not allowed.
Web Spam
Bad Web Bot
๐ฆ๐บ
MAGIC
2025-05-08 22:10:09
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot