๐ซ๐ท
โจ
2026-07-14 00:19:12
(2 hours ago)
Domain : gwcjobtracker.app
Rule : hack
2026-07-14 00:17:46 ***hidden-privacy*** GET /.env.bak - 80 - ...
show more
Domain : gwcjobtracker.app
Rule : hack
2026-07-14 00:17:46 ***hidden-privacy*** GET /.env.bak - 80 - 15.237.51.4 HTTP/1.1 - - gwcjobtracker.app 307 0 0 329 51 26 - -
show less
Hacking
SQL Injection
Brute-Force
๐ฉ๐ช
onlyops.app
2026-07-14 00:00:21
(2 hours ago)
Web application firewall (ModSecurity) detected malicious traffic | detected by Fail2Ban (plesk-mods ...
show more
Web application firewall (ModSecurity) detected malicious traffic | detected by Fail2Ban (plesk-modsecurity jail) | onlyops.app
show less
Exploited Host
๐ฉ๐ช
NewWavesApp
2026-07-13 19:57:25
(6 hours ago)
(mod_security) mod_security triggered on hostname [redacted] 15.237.51.4 (FR/France/ec2-15-237-51-4. ...
show more
(mod_security) mod_security triggered on hostname [redacted] 15.237.51.4 (FR/France/ec2-15-237-51-4.eu-west-3.compute.amazonaws.com): (CF_ENABLE)
show less
SQL Injection
๐ฎ๐น
VHosting
2026-07-13 19:05:03
(7 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-13 18:40:05
(7 hours ago)
Web App Attack
๐ฉ๐ช
Dominik Lysiak
2026-07-13 16:32:42
(10 hours ago)
15.237.51.4 - - [13/Jul/2026:18:32:41 +0200] "GET /.env.bak HTTP/1.1" 444 0 "-" "-"
15.237.51.4 - - ...
show more
15.237.51.4 - - [13/Jul/2026:18:32:41 +0200] "GET /.env.bak HTTP/1.1" 444 0 "-" "-"
15.237.51.4 - - [13/Jul/2026:18:32:41 +0200] "GET /.env HTTP/1.1" 444 0 "-" "-"
15.237.51.4 - - [13/Jul/2026:18:32:41 +0200] "GET /.env.backup HTTP/1.1" 444 0 "-" "-"
...
show less
Web App Attack
Anonymous
2026-07-06 08:45:36
(1 week ago)
15.237.51.4 - - [06/Jul/2026:10:45:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (M ...
show more
15.237.51.4 - - [06/Jul/2026:10:45:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0 Safari/537.36"
15.237.51.4 - - [06/Jul/2026:10:45:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0 Safari/537.36"
15.237.51.4 - - [06/Jul/2026:10:45:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0 Safari/537.36"
15.237.51.4 - - [06/Jul/2026:10:45:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0 Safari/537.36"
15.237.51.4 - - [06/Jul/2026:10:45:35 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0
...
show less
Brute-Force
Web App Attack
๐ฌ๐ง
poundawebsiteltd
2026-07-01 03:19:28
(1 week ago)
Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 15.237.51.4 - - [01/Jul/2026:04: ...
show more
Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:443 15.237.51.4 - - [01/Jul/2026:04:19:25 +0100] POST /index.php?option=com_jce HTTP/1.1 403 235 - Mozilla/5.0
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-15 06:38:08
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 15.237.51.4 (ec2-15-237-51-4.eu-west-3.compute. ...
show more
(mod_security) mod_security (id:225170) triggered by 15.237.51.4 (ec2-15-237-51-4.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 02:38:02.704278 2026] [security2:error] [pid 3500201:tid 3500201] [client 15.237.51.4:23899] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||futuresgrowhere.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "futuresgrowhere.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ad8ySqxPsRGZOuDRZLzxRQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Little Iguana
2021-02-22 15:46:31
(5 years ago)
Attempt to hack Wordpress Login, XMLRPC or other login
Hacking
๐ฉ๐ช
www.elinox.de
2021-02-21 17:26:05
(5 years ago)
21.02.2021 23:26:09 - Bad Robot
Ignore Robots.txt
Bad Web Bot
๐บ๐ธ
crooze.net
2021-02-21 13:09:26
(5 years ago)
15.237.51.4 - - [21/Feb/2021:13:09:25 -0500] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "curl/7.61.1"
...
Web App Attack
๐ฉ๐ช
Little Iguana
2021-02-21 11:34:53
(5 years ago)
Attempt to hack Wordpress Login, XMLRPC or other login
Hacking