πͺπΈ
Gem
2026-06-19 22:13:11
(3 days ago)
Unauthorized web scan.
Web App Attack
2026-06-19 14:45:21
(3 days ago)
[Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/plugins/fix/up.php
Web App Attack
πΊπ¦
URAN Publishing Service
2026-06-19 12:51:39
(3 days ago)
168.144.41.59 - - [19/Jun/2026:15:51:37 +0300] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 714 ...
show more
168.144.41.59 - - [19/Jun/2026:15:51:37 +0300] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 714 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)"
168.144.41.59 - - [19/Jun/2026:15:51:38 +0300] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 711 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)"
...
show less
Web App Attack
πΊπΈ
MPL
2026-06-19 07:45:08
(3 days ago)
tcp/80 (4 or more attempts)
Port Scan
2026-06-19 07:02:38
(3 days ago)
...
Web App Attack
π¨π¦
internetworld
2026-06-19 06:30:17
(3 days ago)
168.144.41.59 - - [19/Jun/2026:06:30:15 +0000] "GET /wp-login.php HTTP/1.1" 200 513 "-" "Mozilla/5.0 ...
show more
168.144.41.59 - - [19/Jun/2026:06:30:15 +0000] "GET /wp-login.php HTTP/1.1" 200 513 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0"
...
show less
Bad Web Bot
Web App Attack
π¦πΉ
Pingger Shikkoken
2026-06-19 05:26:26
(3 days ago)
2026-06-19T05:26:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ...
show more
2026-06-19T05:26:26+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=168.144.41.59 DST=10.1.1.2 LEN=52 TOS=0x00 PREC=0x00 TTL=103 ID=53382 DF PROTO=TCP SPT=52292 DPT=80 WINDOW=65535 RES=0x00 CWR ECE SYN URGP=0 2026-06-19T05:26:27+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=168.144.41.59 DST=10.1.1.2 LEN=52 TOS=0x00 PREC=0x00 TTL=103 ID=53383 DF PROTO=TCP SPT=52292 DPT=80 WINDOW=65535 RES=0x00 CWR ECE SYN URGP=0 2026-06-19T05:26:29+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=168.144.41.59 DST=10.1.1.2 LEN=52 TOS=0x00 PREC=0x00 TTL=103 ID=53384 DF PROTO=TCP SPT=52292 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
show less
Hacking
Bad Web Bot
2026-06-19 05:10:07
(3 days ago)
<jail> banned by fail2ban
Brute-Force
Web App Attack
π«π·
Kenshin869
2026-06-19 05:08:46
(3 days ago)
Wordpress unauthorized access attempt
Brute-Force
π²π½
octageeks.com
2026-06-19 04:15:19
(3 days ago)
Wordpress malicious attack:[octaflood]
Web App Attack
π©πͺ
LRob.fr
2026-06-19 01:45:15
(4 days ago)
Repeated 403 errors, blocked by Fail2ban in custom-403 jail
Bad Web Bot
π«π·
dynamix
2026-06-19 00:49:56
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πͺπΈ
masterguru
2026-06-19 00:37:56
(4 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (5000900-122)
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-19 00:32:24
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 168.144.41.59 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 168.144.41.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 20:32:21.170206 2026] [security2:error] [pid 26258:tid 26258] [client 168.144.41.59:53139] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.144.41.59 (+1 hits since last alert)|newhopepetgrooming.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newhopepetgrooming.com"] [uri "/xmlrpc.php"] [unique_id "ajSOFQfksZDJM05ZeK3Z9wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-19 00:17:04
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 168.144.41.59 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 168.144.41.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 20:16:59.384455 2026] [security2:error] [pid 14381:tid 14381] [client 168.144.41.59:60506] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 168.144.41.59 (+1 hits since last alert)|comicpreservation.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "comicpreservation.com"] [uri "/xmlrpc.php"] [unique_id "ajSKe7Tx8aV6fh6nLOpgvQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack