๐ซ๐ท
SpaceHost-Server
2026-06-30 22:47:45
(1 day ago)
Brute-Force
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-29 22:29:45
(2 days ago)
Brute-Force
Web App Attack
๐ฉ๐ช
macrob
2026-06-29 03:17:51
(3 days ago)
2026/06/29 03:17:49 [error] 359958#359958: *337454319 access forbidden by rule, client: 168.144.109. ...
show more
2026/06/29 03:17:49 [error] 359958#359958: *337454319 access forbidden by rule, client: 168.144.109.229, server: behemoti.com, request: "GET //wp-includes/wlwmanifest.xml HTTP/2.0", host: "behemoti.com"
2026/06/29 03:17:49 [error] 359958#359958: *337454323 access forbidden by rule, client: 168.144.109.229, server: behemoti.com, request: "GET //xmlrpc.php?rsd HTTP/2.0", host: "behemoti.com"
2026/06/29 03:17:50 [error] 359958#359958: *337454333 access forbidden by rule, client: 168.144.109.229, server: behemoti.com, request: "GET //blog/wp-includes/wlwmanifest.xml HTTP/2.0", host: "behemoti.com"
...
show less
Web App Attack
Anonymous
2026-06-29 03:05:11
(3 days ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=19
Hacking
๐ฉ๐ช
dbmwebdesign
2026-06-29 02:35:39
(3 days ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-06-29 01:28:52
(3 days ago)
Probing websites for vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 01:09:51
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 168.144.109.229 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 168.144.109.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 21:09:47.069810 2026] [security2:error] [pid 11801:tid 11801] [client 168.144.109.229:61457] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jmichaelpope.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jmichaelpope.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akHF29QbiAEgLozWUI3x3wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-29 01:07:17
(3 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
masterguru
2026-06-29 00:53:23
(3 days ago)
Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-195)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-29 00:38:36
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 168.144.109.229 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 168.144.109.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 20:38:28.698458 2026] [security2:error] [pid 23544:tid 23544] [client 168.144.109.229:50821] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.bearssd.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.bearssd.org"] [uri "/bearquake/wp-json/wp/v2/users/"] [unique_id "akG-hF29yEhNecMafVNTcwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
roxyapi
2026-06-29 00:18:27
(3 days ago)
Honeypot: automated vulnerability scan / web app attack. Last probe: GET /blog/wp-includes/wlwmanife ...
show more
Honeypot: automated vulnerability scan / web app attack. Last probe: GET /blog/wp-includes/wlwmanifest.xml
show less
Web App Attack
Bad Web Bot
Anonymous
2026-06-28 23:47:09
(3 days ago)
PSCSERV WPSCAN 168.144.109.229
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 22:29:42
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 168.144.109.229 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 168.144.109.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 18:29:35.630412 2026] [security2:error] [pid 12761:tid 12761] [client 168.144.109.229:62533] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bbproductionsonline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bbproductionsonline.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akGgT_UT1NCKGLReanb3JwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 21:42:28
(3 days ago)
Bad Web Bot
๐ง๐ช
cmbplf
2026-06-28 20:33:07
(3 days ago)
2.755 requests with url.path //xmlrpc.php
578 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot